[VIM] mx_act RFI oddness
Steven M. Christey
coley at linus.mitre.org
Tue Dec 19 17:47:59 EST 2006
str0ke said:
> I've gone over multiple false vulnerabilities from Dr Max Virus, so I'm
> guessing he just copied someone else's Perl RFI exploit and cut and
> pasted his information.
>
> I'll have his exploit removed tonight and I'll fix up an easy URL for
> future reference.
Was anybody able to verify the mx_root_path vector? That seems like a
strong possibility due to this code snippet:
> > >if ( !file_exists($mx_root_path . 'modules/mx_act/language/lang_' . $board_config['default_lang'] . '/lang_activity.'.$phpEx ) )
> > >{
> > > include( $mx_root_path . 'modules/mx_act/language/lang_english/lang_activity.'.$phpEx );
> > > $link_language='lang_english';
> > >}
> >
> > ... which is a clear RFI vector since only define() statements appear
> > before here.
- Steve
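
The reasoning in the message above (an include path built from a variable that nothing earlier in the file assigns) can be checked mechanically during triage. This is an added example, not part of the original post or the module's own code; the function name, the sample file and EXAMPLE_CONSTANT are constructed for illustration, and the check is a single-file heuristic.

```python
import re

# Constructed sample modelled on the snippet quoted above (not the module's real file).
SAMPLE = r"""<?php
define('EXAMPLE_CONSTANT', true);
if ( !file_exists($mx_root_path . 'modules/mx_act/language/lang_' . $board_config['default_lang'] . '/lang_activity.'.$phpEx ) )
{
    include( $mx_root_path . 'modules/mx_act/language/lang_english/lang_activity.'.$phpEx );
    $link_language='lang_english';
}
"""

# The same constructed file with both path variables assigned before use.
INITIALISED = SAMPLE.replace(
    "<?php\n", "<?php\n$mx_root_path = './';\n$phpEx = 'php';\n", 1)

# "$name =" or "$name[...] =", but not a comparison ("==", "===").
ASSIGN_RE = re.compile(r'\$(\w+)\s*(?:\[[^\]]*\]\s*)*=(?!=)')
# include / include_once / require / require_once up to the closing semicolon.
INCLUDE_RE = re.compile(r'\b(?:include|require)(?:_once)?\b([^;]*);')
VAR_RE = re.compile(r'\$(\w+)')


def unassigned_include_vars(php_source):
    """Return [(line_number, variable)] for include/require paths built from
    variables that no earlier statement in the same file assigns.

    A hit is a lead to verify, not proof: a parent script may set the
    variable before pulling this file in, and whether a request can supply
    it depends on the PHP configuration (for example register_globals).
    """
    assigned = [(m.start(), m.group(1)) for m in ASSIGN_RE.finditer(php_source)]
    findings = []
    for inc in INCLUDE_RE.finditer(php_source):
        line = php_source.count("\n", 0, inc.start()) + 1
        # dict.fromkeys keeps first-seen order and drops repeats.
        for name in dict.fromkeys(VAR_RE.findall(inc.group(1))):
            if not any(pos < inc.start() and var == name for pos, var in assigned):
                findings.append((line, name))
    return findings


if __name__ == "__main__":
    for label, src in (("sample", SAMPLE), ("initialised", INITIALISED)):
        print(label, unassigned_include_vars(src))
```

The check does not follow includes or recognise guard statements, so each finding still needs the manual verification the message asks about.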