[VIM] mx_act RFI oddness
str0ke
str0ke at milw0rm.com
Tue Dec 19 22:21:30 EST 2006
Yep its a working RFI Steve.
/str0ke
On 12/19/06, Steven M. Christey <coley at linus.mitre.org> wrote:
>
> str0ke said:
>
> > I've gone over multiple false vulnerabilities from Dr Max Virus, so im
> > guessing he just copied someone elses perl rfi exploit and cut and
> > pasted his information.
> >
> > Ill have his exploit removed tonight and ill fix up an easy url for
> > future reference.
>
> Was anybody able to verify the mx_root_path vector? That seems like a
> strong possibility due to this code snippet:
>
> > > >if ( !file_exists($mx_root_path . 'modules/mx_act/language/lang_' . $board_config['default_lang'] . '/lang_activity.'.$phpEx ) )
> > > >{
> > > > include( $mx_root_path . 'modules/mx_act/language/lang_english/lang_activity.'.$phpEx );
> > > > $link_language='lang_english';
> > > >}
> > >
> > > ... which is a clear RFI vector since only define() statements appear
> > > before here.
>
>
> - Steve
>
More information about the VIM
mailing list