Re: TGS CMS Remote Code Execution Exploit

From: lcat <lcat@email.dp.ua>
To: bugtraq@securityfocus.com
Cc:
Subject: Re: TGS CMS Remote Code Execution Exploit
Date:


Hello BugtraQ, I tried to reproduce this advisory.
And found out that its impossible.
When you create a index.php file, executing admin.template_engine.php,
This index.php contains 
 require_once("lib/template.class.php");
but this is wrong file path and executing index.php stop with error 
Warning: require_once(./lib/template.class.php) 
Fatal error: require_once().
Goood Luck.





Copyright © 1995-2021 LinuxRocket.net. All rights reserved.