arfis

automated Remote File Inclusion search

RFI (0.2): BC ImageServer September 14, 2007

Filed under: RFI — arfis @ 3:26 am

Project Name: BC ImageServer
Project Link: http://sourceforge.net/projects/bciserv/
Project DL: http://surfnet.dl.sourceforge.net/sourceforge/bciserv/bciserv-0.2.tar.gz
RFI Info:
File: tmp/bciserv-0.2.ta/bciserv/includes/config/security_up.php
Line: 21
Vuln Code: include($root_path.’/includes/classes/class.security.php’);

File: tmp/bciserv-0.2.ta/bciserv/includes/config/db_up.php
Line: 21
Vuln Code: include ($root_path.’/includes/classes/adodb/adodb.inc.php’);

(found with version 0.2 – 2727 projects processed so far)