[VIM] Oddness - CoreNews 2.0.1 Remote Command Exucetion
Steven M. Christey
coley at mitre.org
Mon Mar 13 19:24:04 EST 2006
Ref:
BUGTRAQ:20060309 CoreNews 2.0.1 Remote Command Exucetion
http://www.securityfocus.com/archive/1/archive/1/427387/100/0/threaded
The researcher says:
>http://www.example.com/index.php?page=evilcode?&cmd=id
It's not clear whether this is a file include issue, eval injection,
etc. The demo URL is not specific enough.
Also, I downloaded the source code for CoreNews 2.0.1 from this site:
http://www.php-spezial.de/start.php?go=top&id=&s=3
Doing a grep for "page" on the entire distribution does not return any
matches, except for unrelated example "homepage" URLs.
This is interesting, since it appears that this product is used by
some sites, and the page parameter is present and functioning.
Could this be a site-specific issue that is unrelated to CoreNews? Or
maybe there's a modified version that's also called "2.0.1"?
Or maybe there's only so much you can see from a casual source
inspection :)
- Steve