BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Squirrelmail local file inclusion Jun 01 2006 12:50AM
brokejunker yahoo com
Squirrelmail local file inclusion bug in functions/plugin.php .

Tested on the latest 1.4.x version.

No authentication needed.

if (isset($plugins) && is_array($plugins)) {

foreach ($plugins as $name) {

use_plugin($name);

}

...

function use_plugin ($name) {

if (file_exis...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus