arfis

automated Remote File Inclusion search

RFI (0.2): GodSend September 13, 2007

Filed under: RFI — arfis @ 10:36 pm

Project Name: GodSend
Project Link: http://sourceforge.net/projects/godsend/
Project DL: http://surfnet.dl.sourceforge.net/sourceforge/godsend/godsend-0.6.tar.bz2
RFI Info:
File: tmp/godsend-0.6.tar/godsend-0.6/gtk/main.inc.php
Line: 24
Vuln Code: require_once($SCRIPT_DIR.’/gtk/mainwindow.inc.php’);

File: tmp/godsend-0.6.tar/godsend-0.6/cmdline.inc.php
Line: 27
Vuln Code: require_once($SCRIPT_DIR.’/gtk/main.inc.php’);

(found with version 0.2 – 805 projects processed so far)