Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion Vulnerability
From: maric_sasa () yahoo com
Date: 30 Aug 2006 09:31:31 -0000
This vulnerability is not that dangerous because, firstly, if you want to exploit it, you must have  exact file tree 
and correct name of the malicious script because that variable is never used alone but always in concatanation with 
script name and generic extension and, secondly, if site has register_globals  set to OFF, you cannot use this exploit 
at all...

  By Date           By Thread  

Current thread:
  • Re: ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion Vulnerability maric_sasa (Sep 01)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]