This bug exist in css/phpmyadmin.css.php. You can
include files. Error exist in
Code:
- ------
$tmp_file = $GLOBALS['cfg']['ThemePath'] . '/' .
$theme . '/css/theme_right.css.php';
if (@file_exists($tmp_file)) {
include($tmp_file);
} // end of include theme_right.css.php
- ------
And now you can get files.
Incorrect. This is NOT a 'remote' file inclusion(due to the file_exists
call), unless of course the affected user is running >= PHP5.0. It is
usually good practice to state this in an advisory. Please see Appendix L
at http://www.php.net/manual/en/wrappers.php
1.1
Or next include is in libraries/database_interface.lib.php
Code:
- ---
18# require_once('./libraries/dbi/' . $cfg['Server']['extension'] .
'.dbi.lib.php');
- ---
Also incorrect. The call to require_once passes the absolute path
'./libraries/dbi/' before the variable is involved. This is a LOCAL file
inclusion vulnerability.
- --- 5.Contact ---
Author: Maksymilian Arciemowicz
Location: Poland(Jelenia Gora), Luxembourg(Bereldange)
Email: max [at] jestsuper [dot] pl
GPG-KEY: http://security.jestsuper.pl
http://securityreason.com/ Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)
iD8DBQFCHR89znmvyJCR4zQRAtj3AJ4wxM3WEn56GNohsG3f4U8Ku+/I8wCeMWQr
YklTAm82iDqNu3so1uYsmEk=
=ko9x
-----END PGP SIGNATURE-----
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nullum magnum ingenium sine mixtura dementiae fuit
[There is no great genius without some touch of madness]
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Calum Power
- Cultural Jammer
- Security Enthusiast
- Hopeless Cynic
enune@fribble.net
http://www.fribble.net
