Related information Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) phpPC 1.04 Multiples Remote File Inclusion Pearl Forums 2.4 Multiple Remote File Include Vulnerabilities PhotoCart 3.9 (adminprint.php) Remote File Include Vulnerability Advisory: LDU <= 8.x Remote SQL Injection Vulnerability. From:sni-labs_(at)_sni-labs.com <sni-labs_(at)_sni-labs.com> Date:22.11.2006Subject:Vulnerability in PostNukeError PostNuke in the variable stop which can be exploited by malicious people to disclose system information. Luckily the vulnerability affects to the 0.7.5.0 version and minors. POC: http://www.[web-with-PostNuke].com/user.php?stop=a (no numeric value) Example: http://www.dev-postnuke.com/user.php?stop=a http://www.americavivetv.com/user.php?stop=a http://www.ciberpsique.net/user.php?stop=a http://www.bonsaiabm.com/user.php?stop=a http://www.elrincondejada.net/user.php?stop=a http://www.salsa.org.pl/user.php?stop=a http://www.choco.org/user.php?stop=a by rMrGvG http://SNI-LABS.com since 1998 ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
phpPC 1.04 Multiples Remote File Inclusion
Pearl Forums 2.4 Multiple Remote File Include Vulnerabilities
PhotoCart 3.9 (adminprint.php) Remote File Include Vulnerability
Advisory: LDU <= 8.x Remote SQL Injection Vulnerability.
