[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20070113034330.27741.qmail@securityfocus.com>
Date: 13 Jan 2007 03:43:30 -0000
From: maxpost@...ru
To: bugtraq@...urityfocus.com
Subject: Re: Naig <= 0.5.2 (this_path) Remote File Include Vulnerability
Not vuln. :\
$this_path = substr($_SERVER["SCRIPT_FILENAME"],0,max(strrpos($_SERVER["SCRIPT_FILENAME"],"/"),strrpos($_SERVER["SCRIPT_FILENAME"],"\\"))+1);
// uncomment the following line if you run into an error like "Fatal error trying to include config.inc.php"
// $this_path = "/absolute/path/to/naig/";
Powered by blists - more mailing lists