Hi, D3nGeR@xxxxxxxxx schrieb am Fri, 25 Aug 2006 22:50:11 +0000: >##################################### >############################################# > >#Jupiter CMS 1.1.5 index.php Remote File Include > ># the code > >#$template = "default"; > ># include "templates/$template/id.php"; Nice try. But as you wrote yourself: $template is initalized with "default", so what happens to your template=[Evil Code]? Right, it's overwritten, gone, away. The result: No vulnerability. Regards Carsten -- Dipl.-Inform. Carsten Eilers IT-Sicherheit und Datenschutz <http://www.ceilers-it.de>
