[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Startpage <= 1.0 (cfgLanguage) Remote File Inclusion Vulnerability

To: <sh3ll@xxxxxxxx>, <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: Re: Startpage <= 1.0 (cfgLanguage) Remote File Inclusion Vulnerability
From: "Carsten Eilers" <ceilers-lists@xxxxxx>
Date: Sun, 13 Aug 2006 14:31:44 +0200

sh3ll@xxxxxxxx schrieb am Thu, 10 Aug 2006 20:53:46 +0000:

>Sanitize Variabel $cfgLanguage in edit.php , functions.php , new.php ,
>PageBottom.php 
>
>& PageTop.php

Take a look at config.php:

$cfgLanguage    = 'uk';                                         // Which 
language do you prefer :
                                                                //      uk = 
English
                                                                //      nl = 
Dutch
                                                                //      de = 
German


config.php is included in edit.php, new.php, PageBottom.php 
and PageTop.php at the top of the file, in functions.php at
the top of relevant functions.

No way to include something with cfgLanguage.

Regards
 Carste

-- 
Dipl.-Inform. Carsten Eilers
IT-Sicherheit und Datenschutz

<http://www.ceilers-it.de>

References:
- Startpage <= 1.0 (cfgLanguage) Remote File Inclusion Vulnerability
  - From: sh3ll

Prev by Date: RE: Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory
Next by Date: HPSBMA02138 SSRT061184 rev.1 - HP OpenView Storage Data Protector, Remote Arbitrary Command Execution
Previous by thread: Startpage <= 1.0 (cfgLanguage) Remote File Inclusion Vulnerability
Next by thread: Re: Startpage <= 1.0 (cfgLanguage) Remote File Inclusion Vulnerability
Index(es):
- Date
- Thread