BoonexDolphin5.2.txt

🗓️ 20 Oct 2006 00:00:00Reported by disfigureType

packetstorm🔗 packetstormsecurity.com👁 16 Views

Remote File Inclusion vulnerability in Boonex Dolphin 5.2 requires specific PHP settings.

`/****************************************/  
  
http://www.w4cking.com  
  
CREDIT:  
w4ck1ng.com  
  
PRODUCT:  
Boonex Dolphin 5.2  
http://www.boonex.com/products/dolphin/  
  
VULNERABILITY:  
Remote File Inclusion  
  
NOTES:  
- requires register globals on  
- requires magic quotes off  
  
POC:  
<host>/<path>/templates/tmpl_dfl/scripts/index.php?dir[inc]=<local/remotefile>  
  
ADVISORY & EXPLOIT (requires registration):  
http://w4ck1ng.com/board/showthread.php?t=1490  
  
/****************************************/  
`

20 Oct 2006 00:00Current

7.4High risk

Vulners AI Score7.4