Hello botan, I have some questions about this report.

>Web: http://www.ahbruinsma.nl

This web site requires a login. Even the front page is not accessible.

>FleXiBle Development (FXB)

Is this a product, service, or a single web site? There is very little information in Google.

>//Defining some functions and including them
>require('php/messages.php');
>//require base-file
>//require_once('php/base.php');
>include_once "baseconfig.inc.php";

These require/include statements do not use any variables, so the paths cannot be controlled by a remote attacker.

>http://www.site.com/[path]/evilcode.txt?&cmd=uname -a

How does this "evilcode.txt" get into FXB? Do you upload it? Or do you use directory traversal like ".." or "/abs/path"? Or do you do a remote file inclusion?

Finally, your subject line says there is XSS, but your report does not say anything about XSS. Is there also an XSS problem here?

Thank you,
Steve