Дополнительная информация Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl ) phpPC 1.04 Multiples Remote File Inclusion Pearl Forums 2.4 Multiple Remote File Include Vulnerabilities PhotoCart 3.9 (adminprint.php) Remote File Include Vulnerability Advisory: LDU <= 8.x Remote SQL Injection Vulnerability. From:sni-labs_(at)_sni-labs.com <sni-labs_(at)_sni-labs.com> Date:22 ноября 2006 г.Subject:Vulnerability in PostNukeError PostNuke in the variable stop which can be exploited by malicious people to disclose system information. Luckily the vulnerability affects to the 0.7.5.0 version and minors. POC: http://www.[web-with-PostNuke].com/user.php?stop=a (no numeric value) Example: http://www.dev-postnuke.com/user.php?stop=a http://www.americavivetv.com/user.php?stop=a http://www.ciberpsique.net/user.php?stop=a http://www.bonsaiabm.com/user.php?stop=a http://www.elrincondejada.net/user.php?stop=a http://www.salsa.org.pl/user.php?stop=a http://www.choco.org/user.php?stop=a by rMrGvG http://SNI-LABS.com since 1998 ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
phpPC 1.04 Multiples Remote File Inclusion
Pearl Forums 2.4 Multiple Remote File Include Vulnerabilities
PhotoCart 3.9 (adminprint.php) Remote File Include Vulnerability
Advisory: LDU <= 8.x Remote SQL Injection Vulnerability.
