SecurityvulnsSECURITYVULNS:DOC:16463htmltonuke 2.0alpha for postnuke & PHP-Nuke(htmltonuke.php) Remote File Include Vulnerabilities
######################################################
htmltonuke 2.0alpha for postnuke & PHP-Nuke(htmltonuke.php) Remote File Include Vulnerabilities
######################################################
script :http://www.desarrollonuke.org
http://up.9q9q.net/up/index.php?f=ddAvVTUSs
######################################################
file : /htmltonuke.php
######################################################
Dork : "/nuke/htmltonuke.php" - "htmltonuke.php"
######################################################
Found by & Contact : Cold z3ro , [email protected] , http://hack-teach.com/
######################################################
//verifie s'il y a l'extension ".htm"
if(substr($filnavn,-4)!=".htm" && substr($filnavn,-5)!=".html" ){
echo "Only files HTML are authorizedβ¦";
CloseTable();
include("footer.php");
}
else {
// verifie si l'on remonte dans l'arborescense
// verifie si l'on sort du site
if( substr($filnavn,0,5)!="./β¦/" && substr($filnavn,0,7)!="http://" ){
include ($filnavn);
CloseTable();
include("footer.php");
}
######################################################
exploit :
######################################################
---- GreeTz: |MoHaNdKo| |Cold One| |Cold ThreE| |Viper Hacker| |The Wolf KSA| |o0xxdark0o| |OrGanza| |H@mLiT| |Snake12| |Root Shell|
|Metoovit| |Fucker_net| |Rageb| |CoDeR| |HuGe| |Str0ke| |Dr.TaiGaR| |BLacK HackErD| |JEeN HacKer| |Nazy L!unx| |KURTEFENDY|
|Spid1r Net| |Big Hacker| |Hacccr| |hacoor| || |Geniral C| |Mr.TyrAnT| |Zax| |Zooz| | Al 3afreat | |The-Falcon-Ksa|
| The Sniper | . ||| Team Hell ||| | DearMan | |Pro Hacker| | 020 | | abdulla00 " alz3eem" | | The_Viper | All i know
#Big Thx For : www.4azhar.com , Long Life My HomeLand Palestine