Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

FUD Forum < 2.7.1 PHP code injection vurnelability

from [riklaunim] Network Security [Permanent Link]
Subject: FUD Forum < 2.7.1 PHP code injection vurnelability
Date: 28 Aug 2005 15:00:56 -0000 
Avatar upload in FUD Forum < 2.7.1 may be tricked to upload a PHP file. To do 
so merge a graphic avatar file with a PHP file.
cat foo.png foo.php > upload_me.php
under linux/unix. On win try notepat :)
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • FUD Forum < 2.7.1 PHP code injection vurnelability, riklaunim <=
Previous by Date:  PHP-Fusion <= v6.00.107 XSS exploit, slacker4ever_1
Next by Date:  [Full-disclosure] Multiple vulnerabilities in BFCommand & Control for Battlefield 1942 and Vietnam, Luigi Auriemma
Previous by Thread:  PHP-Fusion <= v6.00.107 XSS exploit, slacker4ever_1
Next by Thread:  [Full-disclosure] Multiple vulnerabilities in BFCommand & Control for Battlefield 1942 and Vietnam, Luigi Auriemma
Indexes:  [Date] [Thread] [Top] [All Lists]