[VIM] false: drakecms 0.3.2beta (header.php) Remote File Inclusion Vulnerability

str0ke str0ke at milw0rm.com
Mon Feb 12 17:19:16 EST 2007


First line of code.

<?php if(!defined('_VALID')){header('Status: 404 Not Found');die;}

/str0ke

### portal name : drakecms 0.3.2beta

### web site : http://www.drakecms.org

### download : http://sourceforge.net/project/showfiles.php?group_id=166901&package_id=192077&release_id=420104

-------------------------------------********************----------------------------------------------------------

Vulnerability:
~~~~~~~~~~~~~~

 ---------------header.php --------------------


 /* Include the files containing various classes */
 $aclasses_dir=$d_root.'admin/classes/';
 include($aclasses_dir.'menu.php');
 include($aclasses_dir.'ui.php');
 include($aclasses_dir.'toolbar.php');
 include($aclasses_dir.'easydb.php');
 include($aclasses_dir.'minixml/minixml.inc.php');



-------------------------------------********************----------------------------------------------------------

bug :
~~~~~~~~~~~~~~

 http://target/path/admin/includes/header.php?aclasses_dir=[shell]



-------------------------------------********************----------------------------------------------------------
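A small triage helper, added here as an example (not part of str0ke's post or of drakecms), that applies the two checks the post relies on to a PHP source file: does the file open with an include guard, and is the variable named in the claim assigned from non-request data before it reaches include()? The header.php sample is the post's quoted fragments joined together; the regex matching is a constructed heuristic, not a PHP parser.

```python
import re

# Constructed sample: the two header.php fragments quoted in the post, joined for the
# test (in the real file other code sits between them).
HEADER_PHP = """<?php if(!defined('_VALID')){header('Status: 404 Not Found');die;}
/* Include the files containing various classes */
$aclasses_dir=$d_root.'admin/classes/';
include($aclasses_dir.'menu.php');
include($aclasses_dir.'ui.php');
"""

GUARD_RE = re.compile(r"""^<\?php\s*if\s*\(\s*!\s*defined\s*\(\s*['"](\w+)['"]\s*\)\s*\)""")
ASSIGN_RE = re.compile(r"^\s*\$(\w+)\s*=\s*(.+?);", re.M)
INCLUDE_RE = re.compile(r"\b(?:include|require)(?:_once)?\s*\(?\s*\$(\w+)")
REQUEST_SOURCES = ("$_GET", "$_POST", "$_REQUEST", "$_COOKIE")

def include_guard(src):
    """Constant checked by a leading `if(!defined(...))` guard, or None if there is none."""
    m = GUARD_RE.match(src)
    return m.group(1) if m else None

def include_vars(src):
    """Last assignment before each include() of the variable used as its path (None = never assigned)."""
    result = {}
    for inc in INCLUDE_RE.finditer(src):
        var = inc.group(1)
        prior = [a for a in ASSIGN_RE.finditer(src[:inc.start()]) if a.group(1) == var]
        result[var] = prior[-1].group(2).strip() if prior else None
    return result

def triage_rfi_claim(src, param):
    """Is the claim 'request parameter `param` controls an include path in src' plausible?
    Rejected if a guard blocks direct access or the variable is overwritten with
    non-request data before include(). Returns (plausible, reasons)."""
    reasons, guard, uses = [], include_guard(src), include_vars(src)
    if guard:
        reasons.append(f"direct requests exit early unless {guard} is defined")
    if param not in uses:
        reasons.append(f"${param} is never used as an include path")
        tainted = False
    elif uses[param] is None:
        reasons.append(f"${param} reaches include() unassigned (register_globals risk)")
        tainted = True
    elif any(s in uses[param] for s in REQUEST_SOURCES):
        reasons.append(f"${param} is assigned from request data: {uses[param]}")
        tainted = True
    else:
        reasons.append(f"${param} is overwritten before use: ${param}={uses[param]}")
        tainted = False
    return guard is None and tainted, reasons
```

Run against the sample, the claim for `aclasses_dir` fails both checks: the `_VALID` guard blocks the direct request, and the variable is rebuilt from `$d_root` right before it is used.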

