This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Cybershade CMS 0.2. The vulnerability arises from unsanitized user input in the `CMS_ROOT` parameter, allowing an attacker to include arbitrary remote files.
Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:Cybershade CMS 0.2
No auth needed
Prerequisites:Remote file inclusion must be enabled on the target server · Attacker must be able to reach the target with crafted HTTP requests