Zero_X www.lobnan.de Team wrote: > > viewpage.php is a part of PHPNuke. > The Script allows an attacker to view all files on the System. > > Example: > > http://server.com/viewpage.php?file=/etc/passwd > > > umm, what version of phpNuke is vulnerable to this? as far as I'm aware, there has not been any viewpage.php since before 5.0... I beleive this was reported then as well. reguardless, this is not true with 6.0 -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Mike "DaiTengu" Miller UA Site Coordinator: http://www.unitedadmins.com Webmaster: http://war-ensemble.com Sysop: telnet://bbs.war-ensemble.com StatsMe Team: http://www.unitedadmins.com/StatsMe.php -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This archive was generated by hypermail 2b30 : Tue Mar 25 2003 - 11:04:09 PST