[VIM] [bogus RFI] [k3g at hackermail.com: b2evolution 1.9.1]
dm at securityfocus.com
dm at securityfocus.com
Fri Jan 19 17:07:21 EST 2007
Hey,
Just rejected a report to Bugtraq. This one already got debunked, see:
http://www.securityfocus.com/archive/1/444900
So a repeat of an old bogus report.
----- Forwarded message from mr alkomandoz <k3g at hackermail.com> -----
From: "mr alkomandoz" <k3g at hackermail.com>
Subject: b2evolution 1.9.1
To: bugtraq at securityfocus.com
Date: Sat, 20 Jan 2007 06:10:22 +0800
Message-Id: <20070119221022.CC37BB0FEF at ws4-4.us4.outblaze.com>
-----------------------------------------------
b2evolution 1.9.1 Remote File Include Vulnerablity
-----------------------------------------------
Author: Alk()mand()z
-----------------------------------------------
Code:
require_once $inc_path.'_main.inc.php';
-----------------------------------------------
3xplo!t:
blogs/index.php?inc_path=[Evil-Code]
-----------------------------------------------
download: http://sourceforge.net/project/downloading.php?groupname=evocms&filename=b2evolution-1.9.1-2006-12-02.zip&use_mirror=heanet
-----------------------------------------------
Greetz: KaBaRa, SpY0zErO, aG-SpIdEr - TOoOoFa
SpeciaL GreeTz : AsB-MaY-GrOuPs & A-S-T -Team
###################################################
# AsB-MaY.NeT & D4eG.OrG
###################################################
--
_______________________________________________
Get your free email from http://www.hackermail.com
----- End forwarded message -----
--
Dave McKinney
Symantec
keyID: BF919DD7
key fingerprint = 494D 6B7D 4611 7A7A 5DBB 3B29 4D89 3A70 BF91 9DD7
More information about the VIM
mailing list