[VIM] phpMyConferences <= 8.0.2 Remote File Disclosure Vulnerability
str0ke
str0ke at milw0rm.com
Wed Oct 31 20:48:45 UTC 2007
Removing this on my side. Good find man.
/str0ke
George A. Theall wrote:
> I don't know how many sites are actually affected by this. Here's the
> affected script as it appears in version 8.0.2:
>
> <?php
> header("Content-disposition: attachment; filename=".$_GET('filname']);
> header("Content-Type: application/force-download");
> header("Content-Transfer-Encoding: binary");
> header("Content-Length: ".filesize($_GET['dir']));
> header("Pragma: no-cache");
> header("Cache-Control: no-store, no-cache, must-revalidate,
> post-check=0, pre-check=0");
> header("Expires: 0");
> readfile($_GET['dir']);
>
> ?>
>
> Notice the unclosed bracket in the second line above? php can't parse it.
>
>
> George
More information about the VIM
mailing list