[VIM] Bogus: Segue CMS <= 1.8.4 index.php Remote File Inclusion Vulnerability

str0ke str0ke at milw0rm.com
Mon Oct 1 18:03:39 UTC 2007


Hey George,

Test it out with globals = off

Seems he's doing some hacking; look at index.php for register_globals.

So they need register_globals to be off for this vuln to work properly
<< kind of scary.

/str0ke

George A. Theall wrote:
> On 10/01/07 13:48, str0ke wrote:
>
>> Strange seems after posting most of the targets are hacked or webpages
>> have gone offline in the last 30 minutes or so.
>
> Yeah, weird. I installed 1.8.4 with register_globals and
> magic_quotes_gpc enabled (docs/INSTALL.txt recommends both settings)
> and using PHP 4.4 (old, but that's what I have on my general LAMP
> lab box). Debug statements around the supposedly vulnerable line of
> code as well as before / after where it's set in config.inc.php show
> the value I'm passing in via the URL is getting overwritten and not
> re-appearing.
>
>
> George

