Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » phpmynuke css and phpinfo() vulnerability

phpmynuke css and phpinfo() vulnerability

by Nikola Strahija on January 8th, 2003 myphpnuke version 1.8.8_final_7 and prior that contain sysinfo are vulnerable to both css attack and phpinfo() Disclosure.


The problem is that
unlike the rest of the scripts under /admin/, sysinfo's footer script
called system_footer.php does not check who the user is.
Inside system_footer.php the following code is run:
echo "
";
phpinfo();
echo "
";

Thus showing any remote user sensitive data about the server.

-

Another problem in myphpnuke is the unchecked template includes.

Examples:

http://victim/html/partner.php?mainfile=anything&Default_Theme='

http://victim/html/chatheader.php?mainfile=anything&Default_Theme='

...and a couple more of these exist.

- Mindwarper
-- [email protected]


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »