View Full Version : DCP-Portal (PHP)



Frog Man
21/01/03, 01:33
Information :
°°°°°°°°°°°°°°
Version : 5.0.1
Website : http://www.dcp-portal.org
Problems :
- Include file
- Access to users' accounts
- Access to the administration

PHP Code/ Location :
°°°°°°°°°°°°°°°°°°°°
The first & second hole will work if register_globals is ON.
/library/editor/editor.php :
----------------------------------------------------------
[...]
$abs_path_editor = "$root/library/editor/";
[...]
if( !isset($insertat_editor) ){
    include $abs_path_editor."PropAcce_string.php";
}
[...]
----------------------------------------------------------

/library/lib.php :
----------------------------------------
<?
include ("$root/library/lib_nav.php");
include ("$root/library/lib_mods.php");
include ("$root/library/lib_admin.php");
include ("$root/library/lib_3rd.php");
[...]
----------------------------------------


inbox.php, update.php and all the members AREA :
---------------------------------------------------
[...]
if (!isset($HTTP_COOKIE_VARS["dcp5_member_id"])) {
    header ("Location: login.php");
    exit();
}
[...]
---------------------------------------------------

Admin area (/admin/*.php) :
--------------------------------------------------
if ($HTTP_COOKIE_VARS["dcp5_member_admin"] != 5) {
    header("Location: index.php");
    exit();
}
--------------------------------------------------

More details about Solutions & Exploits :
°°°°°°°°°°°°°°°°°°°°°°°°° °°°°°°°°°°°°°°°°
In French :
http://www.frog-man.org/tutos/DCP-Portal.txt
Translated by Google :
http://translate.google.com/translate?u=http%3A%2F%2Fwww.frog-man.org%2Ftutos%2FDCP-Portal.txt&langpair=fr%7Cen&hl=en&ie=ISO-8859-1&prev=%2Flanguage_tools


frog-m@n
http://www.phpsecure.org
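
Added example, not part of the original post and not DCP-Portal's own code: hardened counterparts of the excerpts above, in which the include base path and the member/admin checks no longer depend on request-supplied variables or cookie values. The names `DCP_ROOT`, `dcp_path`, `dcp_require_member`, `dcp_require_admin` and the session keys `member_id` / `member_admin` are hypothetical; the sketch assumes the login script stores those keys in the session after verifying the password.

```php
<?php
// Added example, not DCP-Portal code. Function and session key names are assumptions.

// Include paths: the base directory is a constant derived from this file's own
// location, so it cannot be supplied by the request when register_globals is ON.
define('DCP_ROOT', dirname(__FILE__)); // assumption: this file sits in the portal root

function dcp_path($relative)
{
    // Fixed allowlist of the library files named in the excerpts above.
    static $allowed = array(
        'library/lib_nav.php',
        'library/lib_mods.php',
        'library/lib_admin.php',
        'library/lib_3rd.php',
        'library/editor/PropAcce_string.php',
    );
    if (!in_array($relative, $allowed, true)) {
        error_log('include refused: ' . $relative);
        exit();
    }
    return DCP_ROOT . '/' . $relative;
}
// Usage in place of the "$root/..." includes: include dcp_path('library/lib_nav.php');

// Access checks: identity and admin level are read from server-side session
// state written at login, never from a cookie value the browser controls.
function dcp_require_member()
{
    if (session_id() === '') {
        session_start();
    }
    if (!isset($_SESSION['member_id'])) {
        header('Location: login.php');
        exit();
    }
    return (int) $_SESSION['member_id'];
}

function dcp_require_admin()
{
    $member_id = dcp_require_member();
    // 5 is the admin level tested in the /admin/*.php excerpt above.
    if (!isset($_SESSION['member_admin']) || (int) $_SESSION['member_admin'] !== 5) {
        header('Location: index.php');
        exit();
    }
    return $member_id;
}
```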


