[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <45B73151.1080806@securenetwork.it>
Date: Wed, 24 Jan 2007 11:13:37 +0100
From: Stefano Zanero <s.zanero@...urenetwork.it>
To: me you <r.5.7@...mail.com>, bugtraq@...urityfocus.com
Subject: Re: FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability
> FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability
Bogus. You really don't know what you are doing, as others pointed out.
> code :
> include("$fpath/forum.php");
That variable is initialized two lines above, so this is BOGUS.
Stefano
Powered by blists - more mailing lists