[VIM] phpMyConferences <= 8.0.2 Remote File Disclosure Vulnerability

str0ke str0ke at milw0rm.com
Wed Oct 31 20:48:45 UTC 2007


Removing this on my side.  Good find man.

/str0ke

George A. Theall wrote:
> I don't know how many sites are actually affected by this. Here's the
> affected script as it appears in version 8.0.2:
>
>   <?php
>   header("Content-disposition: attachment; filename=".$_GET('filname']);
>   header("Content-Type: application/force-download");
>   header("Content-Transfer-Encoding: binary");
>   header("Content-Length: ".filesize($_GET['dir']));
>   header("Pragma: no-cache");
>   header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
>   header("Expires: 0");
>   readfile($_GET['dir']);
>
>   ?>
>
> Notice the unclosed bracket in the second line above? PHP can't parse it.
>
>
> George
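
A hardened counterpart to the quoted script, as an added example that is not part of the original thread or the phpMyConferences code: it confines reads to one directory instead of passing a request parameter straight to readfile(). DOWNLOAD_ROOT, the `file` parameter and both helper function names are assumptions made for illustration.

```php
<?php
// Added example: hypothetical hardened download handler.
// DOWNLOAD_ROOT and the 'file' parameter are assumed names, not taken from phpMyConferences.
const DOWNLOAD_ROOT = '/var/www/conference/files';

// Map a requested name to a regular file directly inside $root, or return null.
function resolve_download(string $root, string $requested): ?string
{
    // basename() drops every directory component, so "../" sequences and
    // absolute paths cannot select a file outside the root.
    $name = basename($requested);
    if ($name === '' || $name === '.' || $name === '..') {
        return null;
    }
    $rootReal = realpath($root);
    $path = realpath($root . DIRECTORY_SEPARATOR . $name);
    // realpath() resolves symlinks; the result must exist and be a regular file.
    if ($rootReal === false || $path === false || !is_file($path)) {
        return null;
    }
    // After symlink resolution the file must still sit under the root.
    $prefix = $rootReal . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

// Reduce a file name to characters that cannot close the quoted
// filename value or start a new header line.
function header_safe_name(string $name): string
{
    return preg_replace('/[^A-Za-z0-9._-]/', '_', $name) ?? 'download';
}

if (PHP_SAPI !== 'cli') {
    $requested = $_GET['file'] ?? '';
    // Reject array-valued parameters such as ?file[]=x before any path handling.
    $path = is_string($requested) ? resolve_download(DOWNLOAD_ROOT, $requested) : null;
    if ($path === null) {
        http_response_code(404);
        exit;
    }
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . header_safe_name(basename($path)) . '"');
    header('Content-Length: ' . filesize($path));
    header('Cache-Control: no-store');
    readfile($path);
}
```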

