by r0t,der4444,cembo,VietMafia

Thursday, October 13, 2005 Vulnerability
In-Portal Site Package - Price:$295
Quote: "our most popular products designed to run a successful portal or a community web site. It is equipped with the latest In-portal Platform, In-link (Directory Management), In-newz (News Management) and In-bulletin (Discussion Forum)" -

Credit: der4444 original advisory at

Vulnerable File:
POST: pathtoroot=

In-Link is also vulnerable to a remote include in:
BUT, php version >= 5.0 and registered globals on. Which is a rare configuration.

Greetz to New Angels team,waraxe,X-ACCESS crew,g0df4th3r

original advisory:


Post a Comment

<< Home

Copyright (c) 2006 Pridels Sec Crew