Re: ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion Vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion Vulnerability

Subject: Re: ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion Vulnerability
Date: 30 Aug 2006 09:31:31 -0000
From: suppressed

This vulnerability is not that dangerous because, firstly, if you want to exploit it, you must have  exact file tree and correct name of the malicious script because that variable is never used alone but always in concatanation with script name and generic extension and, secondly, if site has register_globals  set to OFF, you cannot use this exploit at all...

Prev by Date: Re: Submit ( b2evolution<= 1.8 Remote File Include Vulnerabilities )
Next by Date: [SECURITY] [DSA 1165-1] New capi4hylafax packages fix arbitrary command execution
Previous by thread: [ISR] - IBM eGatherer ActiveX Code Execution PoC
Next by thread: [SECURITY] [DSA 1165-1] New capi4hylafax packages fix arbitrary command execution
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.