<<< Date Index >>>     <<< Thread Index >>>

Re: gnopaste <= 0.5.3 (index.php) Remote File Include Vulnerability



trzindan@xxxxxxxxxx ha scritto:
> index.php
>
> include(GNP_REAL_PATH . 'includes/common.php');
>
>   
Bogus!
First: GNP_REAL_PATH is a constant which means it has an unchangeable
value (RTM)
Second: GNP_REAL_PATH is setted on line #39 (Open your eyes)

Regards
--
Francesco Laurita