[VIM] True: MyBlog games.php RFI
Steven M. Christey
coley at mitre.org
Wed Apr 11 00:56:43 UTC 2007
Researcher: the_Edit0r
Ref: BUGTRAQ:20070404 MyBlog: PHP and MySQL Blog/CMS software Remote File Include Vulnerabilitiy
URL: http://www.securityfocus.com/archive/1/archive/1/464716/100/0/threaded
A download of the code on April 10 yielded the following for
os/games.php:
    if (isset($_GET['scoreid'])) {
        echo "Top Score for this game: ";
        include($_GET['scoreid'] . "_score.txt");
        echo ", Set By:";
        include($_GET['scoreid'] . "_setby.txt");
    }
The modify.php XSS was not findable in 2.2 seconds' effort but might
be resultant XSS from a verbose/unquoted MySQL error message. This
was not proven.
- Steve
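As an added illustration (not part of Steve's message and not MyBlog's own code), here is a hardened rewrite of the os/games.php fragment quoted above. It assumes the score files live in a fixed directory and that scoreid only ever needs to be a short alphanumeric token; the constant and helper names are mine.

```php
<?php
// Hardened rewrite of the os/games.php fragment (added example, not MyBlog's code).
// The original concatenates $_GET['scoreid'] straight into include(), so the
// request decides which file PHP loads and executes (remote file inclusion when
// allow_url_include is on, arbitrary local file inclusion otherwise). The fix
// below never lets user input choose the file freely and never executes it.

// Directory holding the <id>_score.txt / <id>_setby.txt files (assumed path).
const SCORE_DIR = __DIR__ . '/scores';

/**
 * Return the validated score id or null. Only a short token of letters, digits,
 * underscore or hyphen is accepted, which rules out slashes, dots, colons and NUL.
 */
function validate_score_id(?string $id): ?string
{
    if ($id === null || !preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $id)) {
        return null;
    }
    return $id;
}

/**
 * Read one of the score files as plain text. Data files should never go through
 * include(): include() would execute any PHP tags the file happened to contain.
 */
function read_score_file(string $id, string $suffix): string
{
    $base = realpath(SCORE_DIR);
    $path = realpath(SCORE_DIR . '/' . $id . $suffix);
    // Defence in depth: the resolved path must still sit inside SCORE_DIR.
    if ($base === false || $path === false || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return 'n/a';
    }
    $data = file_get_contents($path);
    return $data === false ? 'n/a' : $data;
}

if (isset($_GET['scoreid'])) {
    $id = validate_score_id($_GET['scoreid']);
    if ($id === null) {
        http_response_code(400);
        exit('Invalid score id');
    }
    // Output-encode the file contents so stored text cannot inject markup.
    echo 'Top Score for this game: ', htmlspecialchars(read_score_file($id, '_score.txt'), ENT_QUOTES, 'UTF-8');
    echo ', Set By: ', htmlspecialchars(read_score_file($id, '_setby.txt'), ENT_QUOTES, 'UTF-8');
}
```

Pairing this with allow_url_include=Off (and allow_url_fopen=Off where the application does not need it) in php.ini removes the remote half of the problem even for code paths that were missed.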