Bugtraq mailing list archives
Re: Trevorchan <= v0.7 Remote File Include Vulnerability
From: Stefano Zanero <s.zanero () securenetwork it>
Date: Tue, 16 Jan 2007 23:45:13 +0100
ilkerkandemir () mynet com wrote:
Script:Trevorchan v0.7
Fake vuln
require_once($tc_config['rootdir']."/inc/functions.php"); require_once($tc_config['rootdir']."/inc/encryption.php");
These vars are initialized in config.php, which is require-d by the files you mention.
Exploit:
Obviously, you didn't care to test them. PLEASE STOP REPORTING FAKE PHP VULNS. Stefano
Current thread:
- Trevorchan <= v0.7 Remote File Include Vulnerability ilkerkandemir (Jan 13)
- Re: Trevorchan <= v0.7 Remote File Include Vulnerability Stefano Zanero (Jan 16)