[VIM] dispute: older CyBoards common.php RFI (CVE-2006-2871)
Steven M. Christey
coley at mitre.org
Thu Apr 12 00:09:36 UTC 2007
Researcher: SpC-x
Ref: CyBoards PHP Lite v1.25 (common.PHP) Remote File Inclusion
http://www.securityfocus.com/archive/1/archive/1/435977/100/0/threaded
Using the 1.25 code referenced in the previous post, we have:
include("/home/www/forums/include/config.php");
include($script_path."/db/mysql.php");
... and later uses.
Inspections suggests that a failed inclusion would cause lots of
problems, so the pathname would need to be changed during
installation; this is also documented in readme.txt.
config.php itself has:
$script_path = "/home/www/forums"; // Unix path to the forum directory. Do not include a trailing slash
config.php doesn't have any nested includes, requires, dynamic
evaluation, or extract.
$script_path is used in other include's in common.php but have the
same negative results.
- Steve
More information about the VIM
mailing list