[VIM] Vanilla CMS
George A. Theall
theall at tenablesecurity.com
Mon Jul 24 15:42:31 EDT 2006
Has anyone else looked into the recently announced flaw in "Vanilla
CMS"? Advisory's here:
http://www.securityfocus.com/archive/1/440938/30/0/threaded
I grabbed a copy of the software (it's more of a forum than a CMS) from
here:
http://lussumo.com/download.php?Get=Vanilla
It appears to be version 1.0, and the code quoted in the advisory does
appear in setup/upgrader.php (nb: there is no 'steup/'), which is dated
June 24, 2006. At least in the version I was able to retrieve, I find
immediately before that this snippet:
---- snip, snip, snip ----
$RootDirectory = str_replace('setup/', '', $WorkingDirectory);
$WebRoot = dirname(ForceString(@$_SERVER['PHP_SELF'], ''));
$WebRoot = substr($WebRoot, 0, strlen($WebRoot) - 5); // strips the "setup" off the end of the path.
$BaseUrl = 'http://'.ForceString(@$_SERVER['HTTP_HOST'], '').$WebRoot;
$ThemeDirectory = $WebRoot . 'themes/';
$AllowNext = 0;
$NewConfiguration = array();
// Assign some default values to the postback parameters
$DBHost = '';
$DBName = '';
$DBUser = '';
$DBPass = '';
$SupportEmail = '';
$SupportName = '';
$ApplicationTitle = '';
---- snip, snip, snip ----
So, does the remote include issue exist in a different version or did
MFox just not look at this carefully?
George
--
theall at tenablesecurity.com
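One way to automate the check George applies by hand (is the variable that feeds an include/require assigned earlier in the same file, or could it arrive unset and be seeded through the request?), as an added example that is not part of the original post or the Vanilla code base; the sample PHP input below is constructed, and its include lines are hypothetical rather than taken from upgrader.php:

```python
import re

# Assignment at the start of a statement, e.g. `$RootDirectory = ...` (not `==`).
ASSIGN_RE = re.compile(r'^\s*\$(\w+)\s*=[^=]')
# include/require (optionally _once) whose path expression contains a variable.
INCLUDE_RE = re.compile(r'\b(?:include|require)(?:_once)?\b[^;]*?\$(\w+)')

# Constructed sample: the first assignments mirror the snippet quoted in the post;
# the two include lines are hypothetical and are NOT from Vanilla.
SAMPLE_PHP = """<?php
// Constructed sample: the first lines mirror the snippet quoted in the post.
$RootDirectory = str_replace('setup/', '', $WorkingDirectory);
$WebRoot = dirname(ForceString(@$_SERVER['PHP_SELF'], ''));
$ThemeDirectory = $WebRoot . 'themes/';
// Hypothetical include lines, not taken from Vanilla:
include($RootDirectory . 'library/Framework.php');
require_once($UnsetPath . 'extra.php');
"""


def audit_includes(php_source):
    """Return (line_no, variable, assigned_before) for every include/require
    whose path is built from a variable.

    assigned_before is True when the variable was assigned on an earlier line
    of the same file, so a request-supplied value (register_globals style)
    would be overwritten before the include runs; False means the variable
    reaches the include without a prior assignment and deserves a closer look.
    """
    assigned = set()
    findings = []
    for line_no, line in enumerate(php_source.splitlines(), start=1):
        stripped = line.strip()
        if stripped.startswith('//') or stripped.startswith('#'):
            continue  # comment-only lines carry neither assignments nor includes
        inc = INCLUDE_RE.search(line)
        if inc:
            findings.append((line_no, inc.group(1), inc.group(1) in assigned))
        assign = ASSIGN_RE.match(line)
        if assign:
            assigned.add(assign.group(1))
    return findings


def unassigned_include_vars(php_source):
    """Names of include-path variables with no assignment before their use."""
    return [var for _, var, before in audit_includes(php_source) if not before]


if __name__ == '__main__':
    for line_no, var, before in audit_includes(SAMPLE_PHP):
        print(f"line {line_no}: ${var} assigned before include: {before}")
```

On the constructed sample this reports $RootDirectory as assigned before its include (George's observation) and $UnsetPath as not, which is the shape an advisory claim would need to show.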