[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: gnopaste <= 0.5.3 (index.php) Remote File Include Vulnerability
- To: trzindan@xxxxxxxxxx
- Subject: Re: gnopaste <= 0.5.3 (index.php) Remote File Include Vulnerability
- From: Francesco Laurita <francesco@xxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 29 Jan 2007 23:48:10 +0100
trzindan@xxxxxxxxxx ha scritto:
> index.php
>
> include(GNP_REAL_PATH . 'includes/common.php');
>
>
Bogus!
First: GNP_REAL_PATH is a constant which means it has an unchangeable
value (RTM)
Second: GNP_REAL_PATH is setted on line #39 (Open your eyes)
Regards
--
Francesco Laurita