Re: claroline <= Multiple Remote File Include Vulnerablitiy

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: claroline <= Multiple Remote File Include Vulnerablitiy
From: BlackHawk <hawkgotyou@xxxxxxxxx>
Date: Mon, 23 Apr 2007 21:27:26 +0200
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:date:from:x-mailer:reply-to:x-priority:message-id:to:subject:in-reply-to:references:mime-version:content-type:content-transfer-encoding; b=qFqPXNbexUVRkvCGh5nzJN3ekHNjqkZ7dAM1ywM7IHk6/kwlHcvgWTS29VdSY8bPLIX55yM4LWBpxWFCelzXjTH5i/BrSq0RLHHHu9kSVgtkh/aQjMOl6ZFftaffmwoIb9iN7YLHuw1vUrZO0FKQahIVvzVaN8aZHLFBClwIFVg=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:date:from:x-mailer:reply-to:x-priority:message-id:to:subject:in-reply-to:references:mime-version:content-type:content-transfer-encoding; b=elJjnJXHiYRTqKzWtVD6bFVHrbdW3rPtqfl2G+pjvEa3Zmsz15QeCMzKfjeVLRqDOxlngh4Vq97pKk3gow0iBMCGbEb/NU59GAmFS9k1Hc6KY/t2EYhK7PJZ6nVIcwLenwP7ucubdNLj2CfUQh73AfgNCIdDQioyXxffrCY2hIA=
In-reply-to: <20070422150045.17962.qmail@xxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <20070422150045.17962.qmail@xxxxxxxxxxxxxxxxx>
Reply-to: BlackHawk <hawkgotyou@xxxxxxxxx>

pretty old version.. more vuln discovered lot of time ago

http://www.milw0rm.com/exploits/2510
http://www.milw0rm.com/exploits/1877

> # claroline <= Multiple Remote File Include Vulnerablitiy
> # D.Script:
> http://www.e-learningone.it/software_free/e-learning/claroline175.zip
> # Discovered by: MoHaNdKo-=-=-> MoHaNdKo@xxxxxxxxx
> # Homepage: http://www.MoHaNdKo.cOm
> # Exploit:[Path]/claroline/inc/lib/rootSys=Shell
> # Greetz To: Tryag-Team & AsbMay's Group & Xp10 TeAm & CiTy GhOsTs TeAm
> #Greetz To: mY Love Dr.hacker BiG seso

-- 
Best regards,
 BlackHawk                            mailto:hawkgotyou@xxxxxxxxx

References:
- claroline <= Multiple Remote File Include Vulnerablitiy
  - From: Mohandko

Prev by Date: YA Book 0.98 Persistent XSS
Next by Date: gallery >> 1.5.6 Remote File Inclusion
Previous by thread: claroline <= Multiple Remote File Include Vulnerablitiy
Next by thread: lms 1.5.3 Remote File Inclusion
Index(es):
- Date
- Thread