[VIM] false: Back-End CMS Database Tables v0.4.7 Remote File Include Vulnerabilities
GM darkfig
gmdarkfig at gmail.com
Sun Apr 15 12:47:05 UTC 2007
Link: http://www.securityfocus.com/archive/1/465734/30/0/threaded
Author: the_Edit0r
Quote from the thread:
"www.example.com/[path]/htdocs/site-admin/index.php?includes_path=[Shell-Script]"
index.php (and the others files):
require("includes_path.php");
require($includes_path . "/includes.inc");
includes_path.php:
$includes_path = "/home/be480/includes";
More information about the VIM
mailing list