[VIM] "File Upload" seems to be "Free File Hosting"
Steven M. Christey
coley at mitre.org
Tue Mar 27 18:16:23 UTC 2007
Refs:
BUGTRAQ:20070324 File Upload System V1.0 (AD_BODY_TEMP) multiple file include
http://www.securityfocus.com/archive/1/archive/1/463707/100/0/threaded
This has the same parameter names as previously disclosed issues
CVE-2006-5762, CVE-2006-5763, and CVE-2006-5764. Those CVEs are for
"Free File Hosting 1.1" which is at
http://www.free-php-scripts.net/P/Free_File_Hosting . This URL
mentions a capability "File Upload System" and links to the demo page
that's referenced in the latest Bugtraq post.
So, the issues are the same.
Oh - and source inspection confirms all the vectors listed in the
CVEs:
contact.php:22: <td><div align="center"><?php include($AD_BODY_TEMP);?></div></td>
forgot_pass.php:3: <td><div align="center"><?php include($AD_BODY_TEMP);?></div></td>
login.php:3: <td><div align="center"><?php include($AD_BODY_TEMP);?></div></td>
register.php:3: <td><div align="center"><?php include($AD_BODY_TEMP);?></div></td>
send.php:29: <td><div align="center"><?php include($AD_BODY_TEMP);?></div></td>
- Steve
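
The kind of source inspection described in the message above, as an added example that is not part of the original post or of the Free File Hosting code: a Python triage script that reports every include/require whose whole argument is a bare variable the file itself never assigns. The `scan` helper and the sample files are constructed for illustration; only the `include($AD_BODY_TEMP)` line is taken from the post.

```python
import re

# include/require (optionally *_once) whose entire argument is one bare variable.
INCLUDE_VAR = re.compile(
    r"\b(?:include|require)(?:_once)?\s*\(?\s*\$([A-Za-z_]\w*)\s*\)?\s*;",
    re.IGNORECASE,
)

def assigned_before(lines, var, upto):
    """True if $var is assigned somewhere in this file before line index `upto`."""
    assign = re.compile(r"\$" + re.escape(var) + r"\s*=(?!=)")
    return any(assign.search(line) for line in lines[:upto])

def scan(files):
    """files maps name -> PHP source. Returns [(name, line_number, variable)]
    for includes of a variable that the file never sets before using it.
    Heuristic for review triage only: a hit means the value comes from outside
    the file, not that it is proven attacker-controlled."""
    hits = []
    for name, source in sorted(files.items()):
        lines = source.splitlines()
        for index, line in enumerate(lines):
            for match in INCLUDE_VAR.finditer(line):
                var = match.group(1)
                if not assigned_before(lines, var, index):
                    hits.append((name, index + 1, var))
    return hits

# Constructed sample input; only the include line mirrors the post.
SAMPLE = {
    "login.php": (
        "<table>\n<tr>\n"
        '<td><div align="center"><?php include($AD_BODY_TEMP);?></div></td>\n'
        "</tr>\n</table>\n"
    ),
    # Variable is set from a literal in the same file, so it is not reported.
    "safe.php": "<?php\n$BODY = 'templates/body.php';\ninclude($BODY);\n",
    # Literal path, never matched by the pattern.
    "static.php": "<?php include('header.php'); ?>\n",
}

if __name__ == "__main__":
    for name, lineno, var in scan(SAMPLE):
        print(f"{name}:{lineno}: include of unassigned ${var}")
```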