Re: FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability

Subject: Re: FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability
Date: Wed, 24 Jan 2007 11:13:37 +0100
From: Stefano Zanero <suppressed>

> FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability

Bogus. You really don't know what you are doing, as others pointed out.

> code :
> include("$fpath/forum.php");

That variable is initialized two lines above, so this is BOGUS.

Stefano

References:
- FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability
  - From: me you

Prev by Date: Re: Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability
Next by Date: Re: Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX Control Buffer Overflow
Previous by thread: FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability
Next by thread: Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.