Re: discloser 0.0.4 Remote File Inclusion (with Exploit)
- From: "Carsten Eilers" <ceilers-lists@xxxxxx>
- Date: Sat, 19 Aug 2006 09:39:08 +0200
Hi,
dr.t3rr0r1st@xxxxxxxxx schrieb am Thu, 17 Aug 2006 21:14:13 +0000:
ok , here we go
foreach ($avail_types as $type) {
Here $type is set to the values of the
$avail_types-Elements and then
include($type . ".plugin.php");
$type is used for include. Initialized with
elements of $avail_types.
here's the source
I see. But I see no vulnerability.
so what's the problem ? your source is correct but
the source that i found the vuln. in it , shows that
there is a Remote File Inclusion Vulnerabilite in
your script
It's not my script.
But where's your inclusion vulnerability?
Regards
Carsten
--
Dipl.-Inform. Carsten Eilers
IT-Sicherheit und Datenschutz
<http://www.ceilers-it.de>
- References:
- Re: Re: discloser 0.0.4 Remote File Inclusion (with Exploit)
- From: dr . t3rr0r1st
- Re: Re: discloser 0.0.4 Remote File Inclusion (with Exploit)
- Prev by Date: PHProjekt v0.6.1 Remote File Inclusion Vulnerability (2)
- Next by Date: Re: anjel Mambo Component Remote File Include
- Previous by thread: Re: Re: discloser 0.0.4 Remote File Inclusion (with Exploit)
- Next by thread: [USN-337-1] imagemagick vulnerability
- Index(es):
