|
Message-ID: <CA+s+YOLcT+mJ9VHCsd3ns8bE1ra0=ot=mHAUUtiGXsUXjUbu2Q@mail.gmail.com> Date: Mon, 27 Feb 2012 14:10:25 +0000 From: Whitney Houston <i4m4l1v3b17ch3z@...il.com> To: oss-security@...ts.openwall.com Subject: DesktopOnNet 3 Beta LFI Hello list I want to report serious scary issue, I find this vulnerability that make me fall off chair and giggle like silly slut. Project: http://sourceforge.net/projects/don3/ <?php require('system/switches.php'); if (file_exists('applications/'.$_GET["app"].'.don3app/'.$_GET["app"].'.php')){ $appfile = $_GET["app"]; $app_path = "applications/".$appfile.".don3app/"; } else { $appfile = "frontpage"; $app_path = "applications/frontpage.don3app/"; } if (file_exists("library/$appfile.don3lib")){ $topper_array = don3_read_don3lib($appfile.".don3lib"); $title = $topper_array[0]; } else { $title = "ERROR T1"; } $topper_includer = 'applications/'.$appfile.'.don3app/'.$appfile.'.php'; .... include ($topper_includer); Obviously I keep this bug super secret for many month but now i release for all, after my recent death. xx
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.