Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RFI Bug

From: Francesco Laurita <francesco () francesco-laurita info>
Date: Tue, 17 Feb 2009 10:44:49 +0100
On Mon, 2009-02-16 at 17:13 +0000, Dr.linux () gmx net wrote:

ViArt Shop 3.6   Remote File Include BUG



include_once($root_folder_path."includes/common.php");
      
include_once($root_folder_path . "includes/record.php");


Bogus,

$root_folder_path is defined into admin_config.php which is included one
line befere:

include_once("./admin_config.php");
include_once($root_folder_path."includes/common.php");
include_once($root_folder_path . "includes/record.php");

Regards,
--
F
Previous By Date Next
Previous By Thread Next

Current thread: