BugTraq
Back to list
|
Post reply
Trevorchan <= v0.7 Remote File Include Vulnerability
Jan 13 2007 11:33AM
ilkerkandemir mynet com
(1 replies)
Re: Trevorchan <= v0.7 Remote File Include Vulnerability
Jan 16 2007 10:45PM
Stefano Zanero (s zanero securenetwork it)
ilkerkandemir (at) mynet (dot) com [email concealed] wrote:
> Script:Trevorchan v0.7
Fake vuln
> require_once($tc_config['rootdir']."/inc/functions.php");
> require_once($tc_config['rootdir']."/inc/encryption.php");
These vars are initialized in config.php, which is require-d by the
files you mention.
> Exploit:
Obviously, you didn't care to test them.
PLEASE STOP REPORTING FAKE PHP VULNS.
Stefano
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
> Script:Trevorchan v0.7
Fake vuln
> require_once($tc_config['rootdir']."/inc/functions.php");
> require_once($tc_config['rootdir']."/inc/encryption.php");
These vars are initialized in config.php, which is require-d by the
files you mention.
> Exploit:
Obviously, you didn't care to test them.
PLEASE STOP REPORTING FAKE PHP VULNS.
Stefano
[ reply ]