Hi,
[EMAIL PROTECTED] schrieb am Thu, 17 Aug 2006 21:14:13 +:
>ok , here we go
>
>
>foreach ($avail_types as $type) {
Here $type is set to the values of the
$avail_types-Elements and then
>include($type . ".plugin.php");
$type is used for include. Initialized with
elements of $avail_types
ok , here we go
foreach ($avail_types as $type) {
include($type . ".plugin.php");
here's the source
so what's the problem ? your source is correct but the source that i found the
vuln. in it , shows that there is a Remote File Inclusion Vulnerabilite in your
script
Regards
T3rr0rist
Hi,
[EMAIL PROTECTED] schrieb am Wed, 16 Aug 2006 21:51:24 +:
>$req = HTTP::Request->new(GET =>$bpath.
>'plugins/plugins.php?>type='.$cmdo.'?&'.$bcmd.'='.$cmd)
>or die "\n Could not connect !\n";
With other words: You want to use parameter 'type' in
plugins/plugins.php.
But in plugins/plugi
#!/usr/bin/perl
###
# Aria-Security.net Advisory