Re: FleXiBle Development Script Remote Command Execution And XSS Attacking
Hello botan,
I have some questions about this report.
>Web: http://www.ahbruinsma.nl
This web site requires a login. Even the front page is not
accessible.
>FleXiBle Development (FXB)
Is this a product, service, or a single web site? There is very
little information in Google.
>//Defining some functions and including them
>require('php/messages.php');
>//require base-file
>//require_once('php/base.php');
>include_once "baseconfig.inc.php";
These require/include statements do not use any variables, so the
paths cannot be controlled by a remote attacker.
>http://www.site.com/[path]/evilcode.txt?&cmd=uname -a
How does this "evilcode.txt" get into FXB? Do you upload it? Or do
you use directory traversal like ".." or "/abs/path"? Or do you do a
remote file inclusion?
Finally, your subject line says there is XSS, but your report does not
say anything about XSS. Is there also an XSS problem here?
Thank you,
Steve
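The point Steve raises about the quoted include statements (a literal path cannot be steered by a remote attacker, whereas one built from request data can) is easy to check mechanically. The script below is an added example, not code from the thread or from FXB: it scans PHP source for include/require statements and classifies each one as a static literal, a dynamic expression, or an expression that references a request superglobal. The sample source is constructed here; its first five statement lines reproduce the includes quoted above, and the `$_GET['page']` and `dirname(__FILE__)` lines are hypothetical additions showing what a controllable include and a harmless dynamic include look like. The superglobal list and the comment handling (line comments only, no `/* */` blocks) are assumptions of this example.

```python
import re
from typing import List, Tuple

# Constructed sample PHP source. Lines 2-6 mirror the includes quoted in the
# thread; lines 7-8 are hypothetical and added only for illustration.
SAMPLE_PHP = """<?php
//Defining some functions and including them
require('php/messages.php');
//require base-file
//require_once('php/base.php');
include_once "baseconfig.inc.php";
include $_GET['page'] . '.php';
require_once(dirname(__FILE__) . '/lib.php');
"""

# include/require keyword followed by everything up to the statement terminator.
# The *_once forms are listed first so they are not split into "include" + "_once".
INCLUDE_RE = re.compile(
    r"\b(?P<kw>include_once|require_once|include|require)\b\s*(?P<arg>[^;]+);"
)
# Exactly one quoted string literal, optionally wrapped in parentheses.
STATIC_ARG_RE = re.compile(r"""^\(?\s*(?:'[^']*'|"[^"]*")\s*\)?$""")
# Superglobals that carry request-supplied data (assumed list for this example).
REMOTE_INPUT_RE = re.compile(
    r"\$_(GET|POST|REQUEST|COOKIE|FILES|SERVER)\b|\$HTTP_\w+_VARS\b"
)


def classify_include(arg: str) -> str:
    """Classify the argument of an include/require statement.

    'static'            -> a single string literal; the path is fixed in the code
    'remote-controlled' -> the expression reads a request superglobal
    'dynamic'           -> any other expression (variables, function calls, ...)
    """
    arg = arg.strip()
    if STATIC_ARG_RE.match(arg):
        return "static"
    if REMOTE_INPUT_RE.search(arg):
        return "remote-controlled"
    return "dynamic"


def scan_php(source: str) -> List[Tuple[int, str, str, str]]:
    """Return (line_no, keyword, argument, verdict) for each live include/require.

    Lines that are '//' or '#' line comments are skipped, so a commented-out
    require such as '//require_once(...)' is not reported. /* */ blocks are
    not handled by this example.
    """
    findings = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        stripped = line.strip()
        if stripped.startswith(("//", "#", "/*", "*")):
            continue
        for m in INCLUDE_RE.finditer(line):
            arg = m.group("arg").strip()
            findings.append((line_no, m.group("kw"), arg, classify_include(arg)))
    return findings


def needs_review(findings: List[Tuple[int, str, str, str]]) -> List[Tuple[int, str, str, str]]:
    """Keep only the includes whose path is not a fixed literal."""
    return [f for f in findings if f[3] != "static"]


if __name__ == "__main__":
    for line_no, kw, arg, verdict in scan_php(SAMPLE_PHP):
        print(f"line {line_no}: {kw} {arg} -> {verdict}")
```

Only an include tagged `remote-controlled` (or a `dynamic` one whose inputs are traced back to request data) can be abused to pull in something like the `evilcode.txt` from the original report, whether through a traversal sequence or, if `allow_url_include` is on, a remote URL; the four includes quoted in the thread all come out `static` or commented out, which is exactly why the report as written does not explain the inclusion.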