Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > bugtraq > 07 > 070348.html (Request Expert securityfocus.com Support)

Re: PHMe CMS 0.0.2 local File Include Vulnerabilitiy

From: BlackHawk <hawkgotyou(at)gmail.com>
Date: Mon Jul 23 2007 - 12:57:44 EDT


Hello h4ck3riran,

looks like you need mq=off to make this attack.. and this is quite impossible a tthe time because is defailt on..

Monday, July 23, 2007, 4:04:41 PM, you wrote:

> # Tilte: PHMe CMS 0.0.2 local File Include Vulnerabilitiy 

> # 
> # 
> # < Author: You_You >
> # < Software: PHMe CMS >
> # < Site Script: 
http://sourceforge.net/projects/phme >

>

> proof Of Concept :
>
> www.example.com/[path]/resources/function_list.php?action=[Local Script]%00

-- 
Best regards,
 BlackHawk                            mailto:hawkgotyou@gmail.com
Received on Mon Jul 23 13:24:27 2007

This archive was generated by hypermail 2.1.8 : Sun Oct 28 2007 - 06:09:56 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library