[VIM] Bogus: Segue CMS <= 1.8.4 index.php Remote File Inclusion Vulnerability

str0ke str0ke at milw0rm.com
Mon Oct 1 18:03:39 UTC 2007

Hey George,

Test it out with globals = off

Seems hes doing some hacking look at index.php for register_globals.

So they need register_globals to be off for this vuln to work properly
<< kind of scary.


George A. Theall wrote:
> On 10/01/07 13:48, str0ke wrote:
>> Strange seems after posting most of the targets are hacked or webpages
>> have gone offline in the last 30 minutes or so.
> Yeah, weird. I installed 1.8.4 with register_globals and
> magic_quotes_gpc enabled (docs/INSTALL.txt recommends both settings)
> and using PHP 4.4 (old, but that's what I have in on my general LAMP
> lab box). Debug statements around the supposedly vulnerable line of
> code as well as before / after where it's set in config.inc.php show
> the value I'm passing in via the URL is getting overwritten and not
> re-appearing.
> George

More information about the VIM mailing list