Re: [Debian-audit] Simple PHP scanning ..

From: Ulf Harnhammar <metaur_at_telia.com>
Date: Sun, 20 Mar 2005 02:07:02 +0100

On Sun, Mar 20, 2005 at 01:58:51AM +0100, Gerardo Di Giacomo wrote:
> Ulf Harnhammar wrote:
> > include("templatedir/$file");
>
> with this you can do
>
> file=../../../../../../../../../../../../../etc/passwd
>
> directory traversal and get any (readable) file from the server.
>
> Not the same vulnerability, but a vulnerability :)

Yes, that's true.

What about a command line option for choosing whether you want to see all includes
containing variables or just the ones that might be remote inclusion bugs?

// Ulf
Received on Sun Mar 20 2005 - 01:07:02 GMT
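The command-line option Ulf proposes above, as an added example that is not part of this thread or of the scanner it discusses: a small Python script that finds include/require statements whose argument contains a variable, reports by default only those where the variable is the first operand (the remote inclusion candidates), and with --all also lists the fixed-prefix form such as include("templatedir/$file"), which is the directory traversal case Gerardo points out. The PHP sample is constructed for the example, the classification is a regex heuristic rather than a PHP parser, and the remote/traversal labels are this example's own naming.

```python
import re
from typing import List, Optional, Tuple

# Constructed PHP sample (not from the thread). Line numbers are noted in the comments.
SAMPLE_PHP = r"""<?php
include("templatedir/$file");           // line 2: fixed prefix, variable later
include($_GET['page'] . ".php");        // line 3: variable first
require_once "lib/" . $mod . ".inc";    // line 4: fixed prefix via concatenation
include 'header.php';                   // line 5: no variable at all
require($base . "/config.php");         // line 6: variable first
include("{$dir}/footer.php");           // line 7: braced variable first
include('' . $tpl);                     // line 8: empty literal, then variable
?>
"""

# One include/require statement: optional parentheses, argument up to the ';'.
INCLUDE_RE = re.compile(
    r"\b(include|include_once|require|require_once)\b\s*\(?\s*(?P<arg>[^;]+?)\s*\)?\s*;"
)
# A leading empty literal ('' . $x or "" . $x) contributes nothing to the path.
EMPTY_PREFIX = re.compile(r"(?:\"\"|'')\s*\.\s*")
# Single-quoted PHP strings do not interpolate, so '$file' is a literal, not a variable.
SINGLE_QUOTED = re.compile(r"'(?:[^'\\]|\\.)*'")


def classify(arg: str) -> Optional[str]:
    """Classify the argument of an include: 'remote', 'traversal' or None (no variable)."""
    arg = arg.strip()
    if not arg:
        return None
    m = EMPTY_PREFIX.match(arg)
    if m:
        return classify(arg[m.end():])
    # Variable as the first operand: the caller controls the start of the path,
    # so a URL or an absolute path can be supplied. Remote inclusion candidate.
    if arg.startswith("$") or arg.startswith("{$"):
        return "remote"
    if arg.startswith('"') and (arg[1:].startswith("$") or arg[1:].startswith("{$")):
        return "remote"
    # Otherwise report it only if some variable appears outside single-quoted literals.
    # A fixed prefix blocks URLs but not "../" sequences: traversal candidate.
    if "$" not in SINGLE_QUOTED.sub("", arg):
        return None
    return "traversal"


def scan(source: str, show_all: bool = False) -> List[Tuple[int, str, str]]:
    """Return (line, kind, statement) for each reported include in a PHP source text."""
    findings = []
    for m in INCLUDE_RE.finditer(source):
        kind = classify(m.group("arg"))
        if kind is None:
            continue
        if kind == "remote" or show_all:
            line = source.count("\n", 0, m.start()) + 1
            findings.append((line, kind, m.group(0).strip()))
    return findings


if __name__ == "__main__":
    import argparse

    parser = argparse.ArgumentParser(description="flag include/require calls that use variables")
    parser.add_argument("files", nargs="*", help="PHP files to scan (default: built-in sample)")
    parser.add_argument("--all", action="store_true",
                        help="also report includes where the variable follows a fixed prefix")
    args = parser.parse_args()
    sources = [(f, open(f, encoding="utf-8", errors="replace").read()) for f in args.files]
    for name, src in sources or [("<sample>", SAMPLE_PHP)]:
        for line, kind, stmt in scan(src, args.all):
            print(f"{name}:{line}: [{kind}] {stmt}")
```

Run without arguments it scans the built-in sample and reports lines 3, 6, 7 and 8; with --all it adds lines 2 and 4. The heuristic deliberately errs on the side of reporting: it does not know whether the variable is user-controlled or already validated, which is what a reviewer then checks by hand.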