arfis

automated Remote File Inclusion search

RFI (0.2): phpXD September 14, 2007

Filed under: RFI — arfis @ 2:06 am

Project Name: phpXD
Project Link: http://sourceforge.net/projects/phpxd/
Project DL: http://surfnet.dl.sourceforge.net/sourceforge/phpxd/phpxd_0.3.tar.gz
RFI Info:
File: tmp/phpxd_0.3.ta/phpxd_0.3/include/dom.php
Line: 9
Vuln Code: require($path.”include/dom/Node.php”);

File: tmp/phpxd_0.3.ta/phpxd_0.3/include/dtd.php
Line: 9
Vuln Code: require($path.”include/dtd/DTDAttList.php”);

File: tmp/phpxd_0.3.ta/phpxd_0.3/include/parser.php
Line: 9
Vuln Code: require($path.”include/parser/DOMParser.php”);

(found with version 0.2 – 2145 projects processed so far)