Bugtraq mailing list archives
Vulnerabilities in SPIP
From: crasher () kecoak or id
Date: Sun, 09 Apr 2006 14:00:06 +0700
=- Remote file inclusion in SPIP
Author : Rusydi Hasan M
a.k.a  : cR45H3R
Date   : April, 8th 2006
Risk   : High
=- Software description
SPIP is a CMS portal with multilanguage support.
Version : 1.8.3
URL     : http://www.spip.net
=- The Vulnerable
http://[victim]/[spip_dir]/spip_login.php3?url=[Evil_url]

---spip_login.php3---------------------------------------------------------------
............
if (isset($_SERVER['REQUEST_URI']) AND strpos($_SERVER['REQUEST_URI'], 'var_url'))
    @header('Location: '.str_replace('var_url', 'url', $_SERVER['REQUEST_URI']));
............
---spip_login.php3---------------------------------------------------------------
=- Vendor
Not contacted yet
=- Shoutz
~ kecoak (cybertank,cyb3rh3b,cahcephoe,scut,degleng,etc)
~ echo staff (y3dips,moby,comex,z3r0byt3,K-159,c-a-s-e,S`to,lirva32,anonymous,the day)
~ Ph03n1x,spyoff,ghoz,r34d3r,m_beben,slackX,sakitjiwa,xnuxer
=- Contact
crasher () kecoak or id || http://www.kecoak.or.id
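
A log check for the request pattern reported above, as an added example that is not part of the original post or of SPIP: it flags requests to spip_login.php3 whose url or var_url parameter names another host. The combined access-log format, the sample lines and all function names are assumptions made for this example.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# "url" is the parameter in the advisory; the quoted code rewrites "var_url" to it.
WATCHED_PARAMS = ("url", "var_url")
TARGET_SCRIPT = "spip_login.php3"
# Request line of a common/combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A value naming another host: scheme://host, //host or \\host.
EXTERNAL_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.-]*:)?[/\\]{2}', re.I)

# Constructed sample log lines (documentation addresses, reserved .invalid host).
SAMPLE_LOG = [
    '192.0.2.10 - - [09/Apr/2006:14:00:06 +0700] "GET /spip/spip_login.php3?url=ecrire/ HTTP/1.1" 200 512',
    '192.0.2.11 - - [09/Apr/2006:14:01:10 +0700] "GET /spip/spip_login.php3?url=http://example.invalid/x HTTP/1.1" 200 512',
    '192.0.2.12 - - [09/Apr/2006:14:02:30 +0700] "GET /spip/spip_login.php3?var_url=%2F%2Fexample.invalid HTTP/1.1" 302 0',
    '192.0.2.13 - - [09/Apr/2006:14:03:45 +0700] "GET /spip/article.php3?url=http://example.invalid/ HTTP/1.1" 200 900',
]


def external_value(value):
    """True if value points off-site, also after up to two extra URL-decodes."""
    for _ in range(3):
        if EXTERNAL_RE.match(value):
            return True
        value = unquote(value)
    return False


def suspicious_requests(log_lines):
    """Return (line_number, parameter, decoded_value) for each flagged request."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a parsable request line
        target = urlsplit(match.group(1))
        if not target.path.endswith("/" + TARGET_SCRIPT):
            continue  # only the script named in the advisory is watched
        params = parse_qs(target.query, keep_blank_values=True)
        for name in WATCHED_PARAMS:
            for value in params.get(name, []):
                if external_value(value):
                    hits.append((number, name, value))
    return hits


if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit)
```
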