The exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Nuked-Klan SP4 by providing three URLs where the 'mod', 'module', or 'modul' parameters can be manipulated to include malicious remote files. The vulnerability allows an attacker to execute arbitrary code by injecting a remote script.
Classification
Working Poc 90%
Target:
Nuked-Klan SP4
No auth needed
Prerequisites:
Access to the target web application · Ability to host a malicious script on a remote server