|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 2016 CVE : CVE-2006-6464 CVE : CVE-2006-6463 SecurityRisk : Low  (About) Remote Exploit : Yes Local Exploit : No Exploit Available : Yes Credit : ifx cupu us Published : 12.12.2006
Advisory Content : lintah_|adv|_15@2006>=========<[MidiCart]<===>[php b/d] ____ _________ ________________ ____ ___________ ___________ _____________ ____________ _______________ /___________________________________________________________________ _________________________________ / / ooo000-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~- ~-~-~-~-~-~-~-~-~-~-~-~-~-~000ooo/ / / Indonesian Cyber-Terrorist [ Grey Hats ] / / / / iFX a.k.a inversFX / / | ifx (at) . (dot) . [email concealed] | | / / _________ | _____________ | | ! _____________________________ ! | :_________________________________________________.__________________ ________________________________:/ | | | | | | locate : Indonesia, Jakarta | | | -------------------------------- | | | date :06/12/2006 | | | -------------------------------- | | | title : | | | remote command execution through | | | arbitary local inclusion & vuln | | | of javascript | | | -------------------------------- | |/Developer : www.MidiCart.com / _ -------------------------------- __/ __/Victims : Commercial use /------------------------------------------------------------- |-----------------------------|/ ---------------------------/ PoC : A. BYpass upload ------------------------ when you open admin page, and you see `new item` with uplod the image and i try uplod another ( u can guess it ;P ) then gotcha!!, you got it :) 1. open : http://<path>/admin/add.php 2. access your file, ex ; your file is cucut.php then : http://<path>/images/cucut.php 3. have fun :) patch : - use permission in that(images) folder to write --> drwxrwxr- x dork : think it :) B. Shopping cheap :D ------------------------ 1.st choose what is you want to order 2.then you can go to viewcart 3.on 'Qty', fill minus [-] value on 'Qty' field, which make it cheaper example : Qty Item No. Item Price USD Total 1 6001 128MB PC2100 DDR 22.99 22.99 -1 5001 Sony 52x CDROM 12.99 0.0-1298 Product Total USD 9.100 4.all right here we go patch : add script which not allowed 'minus' into the variable. ---------------------------------------------------------------------- origin : http://cupu.us/adv/15-iFX-2006-adv-midicart-phpbackdoor.txt ---------------------------------------------------------------------- iFX Said, and greet : ================================================> Lintah [ team of destroyer fucking school ] : -------------------------- iFX aka inversFX BJ aka Blue_Jaccker Sin~X aka Sin_Cross Xpl aka Xploid gM aka G4mm4 S3 aka Sock-3d BRO aka BiG_ReD_OnE fZ aka FrezZe cTZ aka CuruTZ -------------------------- k1tk4t solpot matdhule Fungky slacky Cow_1iseng NpR thama lapet setiawan theSnowbrain Soey y3d1ps Lirva32 K-159 Comex Bithedz anomaly tr0n: bitch(LOL) Cyb3rh3b Cybertank Ceyen netcom h34rt_br34ker x-ace x16 slackX til Silverant LasT COffin [mR]opt1lc BeWab Bluespy Val NoGe ghoz kukasih OvErDoNgO PremanMedan sakitjiwa t1g3r ^^Nakutta king_purba Mr_orche Sefirosu drygol@h4cky0u etc....... @DALnet #phreakcuy #nyubicrew @ALLINDO #hitamputih@allindo #e-c-h-o #aikmel #asiahacker #newhack[dot]org #h4cky0u #groot #javahack #raptor #soey #semprol #yogyafree #daboxs #jasakom .......  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |