|
Bugtraq
mailing list archives
PHPMyTourney Remote file include Vulnerability
From: security () soqor net
Date: 29 Feb 2008 09:10:58 -0000
Hello
PHPMyTourney Remote file include Vulnerability
Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : security () soqor net
home page : http://phpmytourney.sourceforge.net
Script : PHPMyTourney
vulnerable file : phpmytourney/sources/tourney/index.php
code
$page = $_GET['page'];
if(isset($page))
include($page . '.php');
else
echo("must specify a page ");
lines 45-49
fast solution
replace with
if(file_exists($page . '.php') and !eregi(".",$page) and !eregi(":",$page) and !eregi("/",$page))
{
include($page . '.php');
}
else
{
echo("must specify a page ");
}
phpmytourney/sources/tourney/index.php?page=[Evil-Script]
#WwW.SoQoR.NeT
 By Date 
By Thread
Current thread:
- PHPMyTourney Remote file include Vulnerability security (Feb 29)
| 
Intro
