Re: WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit

Hi Frank, Frank Reißner schrieb am Fri, 8 Sep 2006 03:14:15 +0200: >You can bypass unset in php < 4.4.4 and < 5.14. :) Yes. But that's a vulnerability in PHP, not in whatever script make use of it. Regards Carsten -- Dipl.-Inform. Carsten Eilers IT-Sicherheit und Datenschutz

AW: WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit

You can bypass unset in php < 4.4.4 and < 5.14. :) -Ursprüngliche Nachricht- Von: Carsten Eilers [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 8. September 2006 00:18 An: [EMAIL PROTECTED]; bugtraq@securityfocus.com Betreff: Re: WDT :-phpopenchat-3.0.* ($sourcedir) Remot

Re: WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit

Hi, [EMAIL PROTECTED] schrieb am Wed, 6 Sep 2006 19:17:11 +: >-Description--- > > >include_once("QueryString.php"); > >include_once("Settings.php"); > >include_once("$sourcedir/Subs.php"); > >include_once("$sourcedir/Errors.php"); > >include_once("$sourcedir/Load.p

WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit

[W]orld [D]efacers Team Summary eVuln ID: WD23 Vendor: phpopenchat-3.0.* Vendor's Web Site: http://phpopenchat.org Class: Remote PoC/Exploit: Available Solution: Not Available Discovered by: rUnViRuS ( wdzone.net & worlddefacers.de ) ---