PHP Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability (0dd exploit)

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: PHP Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability (0dd exploit)
From: Emanuele Gentili <bathym@xxxxxxxxxxxx>
Date: Tue, 14 Aug 2007 04:38:59 +0200
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Openpgp: id=30188F0F
User-agent: Thunderbird 2.0.0.6 (X11/20070804)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Exploit is attached.

E.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGwRXDmErIuzAYjw8RApkJAKCkxFrH2XmwTS37D0B8BmaFe47EkwCgs5Uc
6XtVfkHyqOVv51uylzwT3WQ=
=49Nv
-----END PGP SIGNATURE-----

Attachment: egs-fuckphpbluedragon300.pl
Description: Perl program

Prev by Date: [ MDKSA-2007:159 ] - Updated gpdf packages fix vulnerability
Next by Date: Re: PHPCentral Login Script Remote Command Execution Vulnerability
Previous by thread: [ MDKSA-2007:159 ] - Updated gpdf packages fix vulnerability
Next by thread: [ MDKSA-2007:161 ] - Updated poppler packages fix vulnerability
Index(es):
- Date
- Thread