phpTournois <= G4 Remote File Upload/Code Execution Exploit

Exploit for unknown platform in category web applications =========================================================== phpTournois Remote Code Execution - Remote File Upload When testing if we are admin, phpTournois checks if $grade'a'=='a'. But when we are not loggued in, this var is not defined...

phpTournois G4 - Arbitrary File Upload Code Execution

phpTournois G4 - Arbitrary File Upload Code Execution Date: 04-06-08 - Remote Code Execution - Remote File Upload When testing if we are admin, phpTournois checks if $grade'a'=='a'. But when we are not loggued in, this var is not defined. So, using registerglobals, we can define it and let the CM...

phpTournois &lt;= G4 Remote File Upload/Code Execution Exploit

No description provided by source. ?php / Name: phpTournois = G4 Remote File Upload/Code Execution Exploit Credits: Charles "real" F. charlesfolathotmail.fr Date: 04-06-08 - Remote Code Execution - Remote File Upload When testing if we are admin, phpTournois checks if $grade'a'=='a'. But when we...

phpTournois G4 - Arbitrary File Upload / Code Execution

Date: 04-06-08 - Remote Code Execution - Remote File Upload When testing if we are admin, phpTournois checks if $grade'a'=='a'. But when we are not loggued in, this var is not defined. So, using registerglobals, we can define it and let the CMS think we are authentificated. Using configuration zo...