Re: Gallery <= 1.4.4-pl4 (phpbb_root_path) Remote File Include Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Gallery <= 1.4.4-pl4 (phpbb_root_path) Remote File Include Vulnerability
From: krasza@xxxxxxxxx
Date: 16 Jan 2007 16:50:48 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Hi,
Yeah ,  you are the best ;[
P.S:It is fake bug, because 
"(...)

$phpbb_root_path = "./";

(...)"
(http://www.google.com/codesearch?hl=pl&q=show:QzeIQQZQ7BQ:h8q8TE-XBMQ:Ex0tElneoM4&sa=N&ct=rd&cs_p=http://www.pottum.nl/gallery_web/gallery-1.4.4-pl4-sms9.tar.gz&cs_f=gallery/contrib/phpBB2/modules.php)

P.S2:When you publish something like that, I say "What an idiot!?"
-- 
Best degradation , Maciej `krasza` Kukla

Prev by Date: Announcement: The Cross-site Request Forgery FAQ
Next by Date: Re: Jax Petition Book (languagepack) Remote File Include Vulnerabilities
Previous by thread: Re: Gallery <= 1.4.4-pl4 (phpbb_root_path) Remote File Include Vulnerability
Next by thread: PHPATM Remote Password Disclosure Vulnerablity
Index(es):
- Date
- Thread