ossigeno-rfi.txt

2007-10-05T00:00:00
ID PACKETSTORM:59801
Type packetstorm
Reporter naxx
Modified 2007-10-05T00:00:00

Description

                                        
                                            `:::::::::::::::::::::::::::::::::::::::::::::::::::.......................  
::| \ | (_) | \ | | / ____|  
::| \| |_ ___ ___ | \| | __ _ _ __ ___ ___ | | _ __ _____ __  
::| . ` | |/ __/ _ \ | . ` |/ _` | '_ ` _ \ / _ \ | | | '__/ _ \ \ /\ / /  
::| |\ | | (_| __/ | |\ | (_| | | | | | | __/ | |____| | | __/\ V V /  
::|_| \_|_|\___\___| |_| \_|\__,_|_| |_| |_|\___| \_____|_| \___| \_/\_/  
:::::::::::::::::::::::::::::We got the nicest name in the security scene!  
::::::::Info::.  
::Script:Ossigeno-script  
::Version:2.2_alpha3  
::Author:Neovision  
::Homepage:http://sourceforge.net/projects/ossigeno  
::  
:::::::::Details::.  
::Type: File Inclusion  
::Exploit:  
::  
:: upload/common/footer.php contains :  
:: include("{$level}{$graphic_base}templates/{$header["template"]}_footer.php");  
::  
:: $level is undefined  
:.  
::  
::and if anybody needs some cheap xss to publish ->read that code xD  
::plus it may even hold more rfi, we just took a quick look  
::  
::::::::::::::::::::::::::::::::.  
:::::::::::Additional_Information::.  
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::.  
::Contact: naxx@nicenamecrew.com  
::Website: http://nicenamecrew.com  
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::.   
  
`