Bugtraq mailing list archives

Re: CuteNews v1.4.5 (search.php) Remote file include vulnerability

From: Francesco Laurita <francesco () francesco-laurita info>
Date: Mon, 27 Nov 2006 21:49:48 +0100

philip anselmo ha scritto:

Vulnerable Code:
***************
require_once("$cutepath/inc/functions.inc.php");
require_once("$cutepath/data/config.php");

affected file: search.php & show_news.php & show_archives.php
----------------------------------------------------------------------

Please mark it as bogus.
$cutepath is defined some lines above:

$cutepath =  __FILE__;

Regards

Current thread:

CuteNews v1.4.5 (search.php) Remote file include vulnerability philip anselmo (Nov 27)
- Re: CuteNews v1.4.5 (search.php) Remote file include vulnerability Francesco Laurita (Nov 27)
- Re: CuteNews v1.4.5 (search.php) Remote file include vulnerability raven (Nov 29)