It's not a bug, it's seems to be a feature. Take a look closer, the
files are fisically there.
I think a simple unix command can solve that security issue:
rm -fr *.php~
Best regards,
bro wrote:
In Simple Machine Forum application version 1.1.10,
everybody can see some PHP files as like as
When editing a file with vi or other editors it creates a temporary version
of the original appending next the filename a tilde (~), looks to me that's
the case.
2009/9/23 bro tweetycoas...@gmail.com
In Simple Machine Forum application version 1.1.10,
everybody can see some PHP files as like
I had the same kind of files in my SMF forum. I've never uploaded files
with a ~ at the end. In my opinion, that happens when the admin
updates a SMF forum (with the webadmin panel).
Anyway, the critical file Settings.php is not viewable.
Anastasios Monachos wrote:
When editing a file with
In Simple Machine Forum application version 1.1.10,
everybody can see some PHP files as like as index.php by any browsers
just added ~ symbol to end of filename.
examples:
http://vulnsite.com/path_of_SMF/index.php~
http://vulnsite.com/path_of_SMF/ssi_examples.php~
It works for smf 2.0 rc1.2 too
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/