BugTraq
PHPNuke viewpage.php allows Remote File retrieving Mar 25 2003 04:32PM
Zero_X www.lobnan.de Team (zero-x linuxmail org) (2 replies)
Re: PHPNuke viewpage.php and another SQL injections Mar 25 2003 06:33PM
Tibor Pittich (Tibor Pittich phuture sk)
On 25. mar 2003, 16:32, Zero_X www.lobnan.de Team wrote:

> viewpage.php is a part of PHPNuke.
> The Script allows an attacker to view all files on the System.
>
> Example:
>
> http://server.com/viewpage.php?file=/etc/passwd

"great" advisory..

what version are you talking about? the latest 'stable' release 6.0 doesn't
contain this file, the older 4.3 and 4.4 versions are negative too..

after some googling i got it, you are talking about phpnuke 6.5..

this problem can be worked around by using the safe_mode or open_basedir
directives in the php configuration; after this your assertion is false,
because an attacker can't view any files on the system.

thanks again for the detailed advisory..

unfortunately, there are other strange problems too, which were published
today at the site http://www.phpsecure.info/ dedicated to sql injection in
phpnuke. one of these was used tonight by a brazilian h4x0r who calls himself
'freeck' to change one article at our phpnuke site.

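The open_basedir workaround named in the reply above, paired with an application-side containment check, as an added example that is not part of the original thread and is not PHPNuke's code. The directory paths, the function name resolve_page and the way the file parameter is handled are assumptions for illustration.

```php
<?php
// Added example, not PHPNuke code. Paths and names are assumptions.
//
// Layer 1 (php.ini or vhost config): confine PHP file access to the site tree,
// the workaround named in the reply. Example value, adjust to the real docroot:
//   open_basedir = "/var/www/nuke/:/tmp/"
// safe_mode, also named in the reply, was removed in PHP 5.4 and is not
// available on current PHP versions.

// Layer 2: resolve the requested name and refuse anything outside $baseDir.
function resolve_page(string $baseDir, string $requested): ?string
{
    $base = realpath($baseDir);
    if ($base === false) {
        return null;                      // content directory missing
    }
    // Reject empty names, NUL bytes and absolute paths up front.
    if ($requested === '' || strpos($requested, "\0") !== false || $requested[0] === '/') {
        return null;
    }
    // realpath() collapses "../" and follows symlinks; false if nothing is there.
    $path = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($path === false || !is_file($path)) {
        return null;
    }
    // Compare with a trailing separator so /srv/pages-old never matches /srv/pages.
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo: build a temporary content directory and probe it.
$dir = sys_get_temp_dir() . '/pages_demo_' . getmypid();
@mkdir($dir);
file_put_contents($dir . '/about.html', '<p>about</p>');

foreach (['about.html', '/etc/passwd', '../../../etc/passwd', 'missing.html'] as $name) {
    $resolved = resolve_page($dir, $name);
    printf("%-22s => %s\n", $name, $resolved === null ? 'refused' : 'served');
}

unlink($dir . '/about.html');
rmdir($dir);
```

The two layers are independent: open_basedir limits what any script under that configuration can open, while the containment check keeps this one handler inside its content directory even where the PHP configuration is not under the site owner's control.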
Re: PHPNuke viewpage.php allows Remote File retrieving Mar 25 2003 05:59PM
DaiTengu (daitengu war-ensemble com) (1 replies)
Re: PHPNuke viewpage.php allows Remote File retrieving Mar 25 2003 07:28PM
Jim Geovedi (negative magnesium net) (2 replies)
Re: PHPNuke viewpage.php allows Remote File retrieving Mar 26 2003 07:26AM
Tonu Samuel (tonu please do not remove this spam ee)
Re: PHPNuke viewpage.php allows Remote File retrieving Mar 26 2003 02:11AM
Christopher Warner (zanee kernelcode com)
Copyright 2010, SecurityFocus