[VIM] Fwd: PHP Event Calendar 1.5.1 (index.php) Remote File Include Vulnerability

str0ke str0ke at milw0rm.com
Wed Nov 29 13:58:32 EST 2006


Looks to be false.

if(!@include './data/global.php'){
        echo "Can't open ./data/global.php";
        exit;
}

Once installed, the PATHS array is defined, as well as the
path_to_calendar variable, in /data/global.php.

install.php
------------------------------------
$PATHS=array(
"path_to_calendar" => "'.str_replace("\\","\\\\",$files_path).'",
"path_to_calendar_img" => "'.str_replace("\\","\\\\",$img_path).'",
"WEB_path_to_calendar_img" => "'.$img_web_path.'",
"path_to_data" => "'.str_replace("\\","\\\\",$data_path).'"
);';

/str0ke

On 11/27/06, philip anselmo <spoonman500 at hotmail.com> wrote:
> Title : PHP Event Calendar 1.5.1 (index.php) Remote File Include
> Vulnerability
> ########################################################################
>
> Discovered By :::: ThE-LoRd-Of-CrAcKiNg {MeHdi}
>
> ------------------------------------------------------------------------
> Source Code:
> **********
> http://www.scriptdungeon.com/jump.php?ScriptID=633
>
> Affected software description :
> ******************************
> Title: PHP Event Calendar
> // URL: http://www.softcomplex.com/products/php_event_calendar/
> // Version: 1.5.1
> // Date: 03/04/2005 (mm/dd/yyyy)
> // Tech. support: http://www.softcomplex.com/forum/forumdisplay.php?fid=55
> Category: Remote File Include
> ------------------------------------------------------------------------
> Vulnerable Code:
> ***************
> include $path_to_calendar."calendar.php";
>
> affected file: cl_files/index.php
> ----------------------------------------------------------------------
> Exploit:
> *******
> http://www.VicTim.com/[Script_Path]/cl_files/index.php?path_to_calendar=Shell.txt?
>
>
> ------------------------------------------------------------------------
>
> greetz: Studio36-DeStRoY-ToOoFA-AsbMay-Mr.3freet-Simba-Disco-Faiçeu-YouSSeF
> & all my friends
>
> Special Greeting:AsbMay's Group & TrYaG TeaM
>
> channel:www.asb-may.net & www.tryag.com
>
> contact:spoonman500[at]hotmail[dot]com / ThE-LoRd-Of-CrAcKiNg at hotmail.com
>
>
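
The order of operations the reply points to, as an added example that is not part of either message and not PHP Event Calendar code: a request-supplied path_to_calendar is overwritten once data/global.php is included, and a missing global.php stops the script before the later include. The global.php contents, the resolve_include_path() helper and the sample values are constructed assumptions; register_globals is emulated with extract().

```php
<?php
// Added illustration; not PHP Event Calendar code. File contents are constructed.

// Stand-in for the data/global.php that install.php writes (assumed shape).
$dir = sys_get_temp_dir() . '/cal_demo_' . getmypid();
mkdir($dir);
file_put_contents("$dir/global.php", <<<'PHP'
<?php
$PATHS = array("path_to_calendar" => "/srv/calendar/cl_files/");
$path_to_calendar = $PATHS["path_to_calendar"];
PHP
);

// Hypothetical helper: mirrors the start of cl_files/index.php and returns
// the path its later include statement would resolve to.
function resolve_include_path(array $request, string $configFile): ?string
{
    // Emulate register_globals=On: request parameters become variables
    // before any script code runs.
    extract($request);

    // Same guard as the quoted code: stop when the config file is missing.
    if (!@include $configFile) {
        return null; // the real script prints an error and exits here
    }

    // global.php has just reassigned $path_to_calendar.
    return $path_to_calendar . "calendar.php";
}

$request = array("path_to_calendar" => "REQUEST-SUPPLIED/");

// Installed: the configured value wins over the request value.
var_dump(resolve_include_path($request, "$dir/global.php"));

// Not installed: execution never reaches the include of calendar.php.
var_dump(resolve_include_path($request, "$dir/missing.php"));

unlink("$dir/global.php");
rmdir($dir);
```

The result depends entirely on the assignment in global.php running before the include of calendar.php; an include path built from a constant or a fixed directory does not rely on that ordering.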

