| To: | trzindan@hotmail.fr, bugtraq@securityfocus.com |
|---|---|
| Subject: | Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include |
| From: | Stefano Zanero <s.zanero@securenetwork.it> |
| Date: | Sun, 28 Jan 2007 22:05:31 +0100 |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | bugtraq-list@securepoint.com |
| Delivered-to: | mailing list bugtraq@securityfocus.com |
| Delivered-to: | moderator for bugtraq@securityfocus.com |
| In-reply-to: | <20070127174655.27269.qmail@securityfocus.com> |
| List-help: | <mailto:bugtraq-help@securityfocus.com> |
| List-id: | <bugtraq.list-id.securityfocus.com> |
| List-post: | <mailto:bugtraq@securityfocus.com> |
| List-subscribe: | <mailto:bugtraq-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:bugtraq-unsubscribe@securityfocus.com> |
| Mailing-list: | contact bugtraq-help@securityfocus.com; run by ezmlm |
| Organization: | Secure Network S.r.l. |
| References: | <20070127174655.27269.qmail@securityfocus.com> |
| User-agent: | Thunderbird 1.5.0.9 (X11/20061223) |
trzindan@hotmail.fr wrote: > local Calendar System v1.1 (lcStdLib.inc) Remote File Include Fake vuln > code : The variables are set in config.php > exploit: You never tested them. Which is pretty lame. Stefano |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Fake: Open Conference Systems = 2.8.2 Remote File Inclusion, bzhbfzj3001 |
|---|---|
| Next by Date: | CVSTrac 2.0.0 Denial of Service (DoS) vulnerability, Ralf S. Engelschall |
| Previous by Thread: | local Calendar System v1.1 (lcStdLib.inc) Remote File Include, trzindan |
| Next by Thread: | Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Gadi Evron |
| Indexes: | [Date] [Thread] [Top] [All Lists] |