| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 13 Mar 2007 13:28:35 -0500 From: Mailinglists Address <mailinglist@...resshosting.net> To: "BorN To K!LL BorN To K!LL" <q.t.i@...mail.com> Cc: bugtraq@...urityfocus.com Subject: Re: Weekly Drawing Contest <= (check_vote.php) Remote File Disclosure Vuln > +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= > > Weekly Drawing Contest <= (check_vote.php) Remote File Disclosure Vuln > > Script: Weekly Drawing Contest > > Version: 0.0.1 > > S!Te: http://www.hotscripts.com/jump.php?listing_id=52638&jump_type=1 > > Discover: BorN To K!LL > This one is so blatantly bogus, I hesitate to even comment on it for fear of giving it legitimacy. It might be possible to use $order to do remote SQL injection, but local file exposure? I don't see it. $order isn't used in any include, require, or other method that would expose it to the vulnerability claimed. Additionally, as a legitimate exploit for this application, it is possible to by pass the admin authentication by accessing the included contest.php in the admin folder directly (not using the index.php). Granted this application is almost 3 years old, and could very easily be argued that it is a dead and unsupported. Tom Walsh Express Web Systems, Inc. http://www.expresswebsystems.com/
Powered by blists - more mailing lists