Bypassed Letting Remote Users Determine Installation Path

Posted: Wed Jun 02, 2004 6:08 pm
LINUX
Moderator
Joined: May 24, 2004
Posts: 404
Location: Caiman

Exploitation of this vulnerability will display full path disclosure and not continue further code execution where intrusion or damage might occur. In a much smaller number of cases, the code may continue executing and possibly allow outsiders unwanted access to some restricted areas on the site.
http://[target]/admin/case/case.adminfaq.php/admin.php?op=FaqCatGo
138 files affected

Posted: Wed Jun 02, 2004 6:31 pm
waraxe
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu

I looked at the source code:
Code:
    if (!eregi("admin.php", $_SERVER['PHP_SELF'])) { die ("Access Denied"); }
    switch($op) {
        case "FaqCatSave":
        case "FaqCatGoSave":
        case "FaqCatAdd":
        case "FaqCatGoAdd":
        case "FaqCatEdit":
        case "FaqCatGoEdit":
        case "FaqCatDel":
        case "FaqCatGoDel":
        case "FaqAdmin":
        case "FaqCatGo":
            include ("admin/modules/adminfaq.php");
            break;
    }

And it seems that phpnuke 6.9-7.3 is protected against direct access in those files? I don't know about older phpnuke versions...
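
The guard quoted above only tests whether the string admin.php occurs somewhere in PHP_SELF. The following added example (not part of either post and not PHP-Nuke code) compares that test with a check on the executed script's file name, assuming the web server hands a trailing path segment to PHP as PATH_INFO, which PHP appends to PHP_SELF; the /var/www/html paths and the function names are constructed for illustration.

```php
<?php
// Added example, not PHP-Nuke code. The arrays in $requests are constructed
// samples of the $_SERVER values PHP sets for two request shapes.

// The check as quoted in the thread. eregi() was removed in PHP 7, so the
// same case-insensitive pattern match is written with preg_match().
function legacy_guard(array $server): bool
{
    return preg_match('/admin.php/i', $server['PHP_SELF']) === 1;
}

// Stricter check: look at the file PHP actually started executing,
// which is not affected by extra segments in the request path.
function strict_guard(array $server): bool
{
    return basename($server['SCRIPT_FILENAME']) === 'admin.php';
}

$requests = [
    // Normal flow: admin.php is the entry point and includes the case file.
    'via admin.php' => [
        'PHP_SELF'        => '/admin.php',
        'SCRIPT_FILENAME' => '/var/www/html/admin.php',   // assumed docroot
    ],
    // Request shape from the first post: the case file is the entry point
    // and "/admin.php" is only a trailing path segment (PATH_INFO).
    'case file requested directly' => [
        'PHP_SELF'        => '/admin/case/case.adminfaq.php/admin.php',
        'SCRIPT_FILENAME' => '/var/www/html/admin/case/case.adminfaq.php',
    ],
];

foreach ($requests as $label => $server) {
    printf(
        "%-30s legacy=%-5s strict=%s\n",
        $label,
        var_export(legacy_guard($server), true),
        var_export(strict_guard($server), true)
    );
}
```

A common alternative is to define a constant in the entry script and have every included file exit unless that constant is defined, which avoids relying on request-derived values at all.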