<<< Date Index >>>     <<< Thread Index >>>

blogsystem 1.4 >> local & remote = -rfi & lfi & -xss



demo: blog23.com
by : hackerz.ir userz !
ADMIN/index.php include($category."/".$folder."_".$page.".php");
ADMIN/index.php include($category."/".$action.".php");
ADMIN/login.php include($lngTexts);
ADMIN/login.php include($lngConfig);
BO/index.php    include($category."/".$folder."_".$page.".php");
BO/index.php    include($category."/".$action.".php");
BO/login.php    include($lngTexts);
BO/login.php    include($lngConfig);
for example remote :
++++++++++++++++++++++++++
login to your user after that u can user exploit >
ADMIN/index.php include($category."/".$folder."_".$page.".php");
+++++++++++++++++++++++++
local file include & remote file include in admin panel
BO/login.php    include($lngTexts);
BO/login.php    include($lngConfig);