[VIM] Bogus: Segue CMS <= 1.8.4 index.php Remote File Inclusion Vulnerability

George A. Theall theall at tenablesecurity.com
Mon Oct 1 17:53:59 UTC 2007

On 10/01/07 13:48, str0ke wrote:

> Strange seems after posting most of the targets are hacked or webpages
> have gone offline in the last 30 minutes or so.

Yeah, weird. I installed 1.8.4 with register_globals and 
magic_quotes_gpc enabled (docs/INSTALL.txt recommends both settings) and 
using PHP 4.4 (old, but that's what I have in on my general LAMP lab 
box). Debug statements around the supposedly vulnerable line of code as 
well as before / after where it's set in config.inc.php show the value 
I'm passing in via the URL is getting overwritten and not re-appearing.

theall at tenablesecurity.com

More information about the VIM mailing list