Bugtraq mailing list archives
Re: Phorum 3.3.2a remote command execution
From: Thomas Seifert <thomas () phorum org>
Date: Sun, 19 May 2002 02:12:51 +0200
sorry no, this is not the same case. The line you posted is inbetween a if(file_exists("$PHORUM[settings_dir]/replace.php")) { ... file_exists only works on local filesystems. This may only work on the local server, if a user has access to it. Thomas On Sat, 18 May 2002 15:58:19 -0300 "Gabriel A. Maggiotti" <gmaggiot () ciudad com ar> wrote:
Markus Arndt wrote:Target: Phorum 3.3.2a (prior versions?) Description: In Phorum 3.3.2a (a bulletin board) there's a security flaw that lets remote users include external php scripts and execute arbitary code.Also admin.php is explotable ;) forum/plugin/replace/admin.php: include("$PHORUM[settings_dir]/replace.php");
Current thread:
- Phorum 3.3.2a remote command execution Markus Arndt (May 17)
- Re: Phorum 3.3.2a remote command execution Gabriel A. Maggiotti (May 18)
- Re: Phorum 3.3.2a remote command execution Thomas Seifert (May 20)
- Re: Phorum 3.3.2a remote command execution Gabriel A. Maggiotti (May 18)