ANdreicj Posted March 14, 2010 Report Share Posted March 14, 2010 =====================================================PHP-Fusion-AP-7.00.2-Rus (search.php) disclosure ways=====================================================1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 11 /' \ __ /'__`\ /\ \__ /'__`\ 00 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 11 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 00 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 11 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 00 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 11 \ \____/ >> Exploit database separated by exploit 00 \/___/ type (local, remote, DoS, etc.) 11 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1#[+] Discovered By : Inj3ct0r#[+] Site : Inj3ct0r.com#[+] support e-mail : submit[at]inj3ct0r.comSite: www.alipapa.com.uaProduct: PHP-FusionVersion: PHP-Fusion-AP-7.00.2-RusDisclosure ways. Error in file search.phpPHP code: if (isset($_GET['stext'])) { if (is_array($_GET['stext'])) { redirect(FUSION_SELF); } else { $_GET['stext'] = urlencode(stripinput($_GET['stext'])); } } else { $_GET['stext'] = ""; } Example:http://alipapa.com.ua/search.php?stext [] Quote Link to comment Share on other sites More sharing options...
Krisler12 Posted March 14, 2010 Report Share Posted March 14, 2010 Nu ai vrea sa ne arati cum se si foloseste de exemplu acest script ca asa forumul e plin cu de astea dar ma intreb si daca e careva sa stie si cum poate folosi o chestie de asta ? Quote Link to comment Share on other sites More sharing options...