arfis

automated Remote File Inclusion search

RFI (0.2): Mods 4 Xoops Contenido eZ publish September 14, 2007

Filed under: RFI — arfis @ 5:45 am

Project Name: Mods 4 Xoops Contenido eZ publish
Project Link: http://sourceforge.net/projects/pdf4cms/
Project DL: http://surfnet.dl.sourceforge.net/sourceforge/pdf4cms/contenido42VV10.zip
RFI Info:
File: tmp/contenido42VV10/contenidofinal/contenido/main_upl.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_upl.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_con_editside.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_con.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_news_rcp.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_news.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_mod.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_mod.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/inc/con_show_sidelist.inc.php
Line: 5
Vuln Code: include ($cfgPathContenido.$cfgPathTpl.”all_html_line0.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/inc/mod_show_modules.inc.php
Line: 5
Vuln Code: include ($cfgPathContenido.$cfgPathTpl.”all_html_line0.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/inc/con_edit_form.inc.php
Line: 94
Vuln Code:

File: tmp/contenido42VV10/contenidofinal/contenido/inc/lay_show_layouts.inc.php
Line: 5
Vuln Code: include ($cfgPathContenido.$cfgPathTpl.”all_html_line0.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/inc/con_show_tree.inc.php
Line: 7
Vuln Code: include($cfgPathContenido.$cfgPathTpl.”all_html_line0.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/inc/news_show_newsletters.inc.php
Line: 24
Vuln Code: include($cfgPathContenido.$cfgPathTpl.”all_html_emptycol.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/inc/upl_show_uploads.inc.php
Line: 16
Vuln Code: include($cfgPathInc.”upl_upload_form.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/inc/str_show_tree.inc.php
Line: 6
Vuln Code: include($cfgPathContenido.$cfgPathTpl.”all_html_line0.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/inc/tpl_show_templates.inc.php
Line: 5
Vuln Code: include ($cfgPathContenido.$cfgPathTpl.”all_html_line0.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/inc/stat_show_tree.inc.php
Line: 5
Vuln Code: include($cfgPathContenido.$cfgPathTpl.”all_html_line0.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/inc/con_editcontent.inc.php
Line: 2
Vuln Code: if ($action == 10) {include($cfgPathContenido.$cfgPathTpl.”tplInputField_”.$type.”.inc.php”);}

File: tmp/contenido42VV10/contenidofinal/contenido/inc/news_show_recipients.inc.php
Line: 43
Vuln Code: include($cfgPathContenido.$cfgPathTpl.”all_html_emptycol.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_tplinput_edit.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_tplinput.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_con.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_con.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_tpl.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_tpl.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_con_sidelist.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_con.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_str.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_str.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_news.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_news.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_tplinput.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_tplinput.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_lang.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_lang.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_mod_edit.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_mod.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_lay.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_lay.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_lay_edit.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_lay.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_user_md5.php3
Line: 2
Vuln Code: include($cfgPathTpl.”header.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_news_send.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_news.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_con_edittpl.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_tpl.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_stat.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_stat.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/tpl/actions_mod.php
Line: 4
Vuln Code: include($cfgPathTpl.”all_html_table1_3.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/tpl/actions_lay.php
Line: 4
Vuln Code: include($cfgPathTpl.”all_html_table1_3.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/tpl/actions_upl.php
Line: 8
Vuln Code: include($cfgPathTpl.”all_html_table1_3.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/tpl/actions_stat.php
Line: 4
Vuln Code: include($cfgPathTpl.”all_html_table1_3.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/tpl/actions_news.php
Line: 4
Vuln Code: include($cfgPathTpl.”all_html_table1_3.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/tpl/actions_str.php
Line: 6
Vuln Code: include($cfgPathTpl.”all_html_table1_3.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/tpl/header.php
Line: 123
Vuln Code: include($cfgPathTpl.”form_client.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/tpl/actions_con_sidelist.php
Line: 4
Vuln Code: include($cfgPathTpl.”all_html_table1_3.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/tpl/main_top.inc.php
Line: 3
Vuln Code: include($cfgPathTpl.”all_html_table1_1.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/tpl/actions_tpl.php
Line: 4
Vuln Code: include($cfgPathTpl.”all_html_table1_3.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/tpl/actions_con.php
Line: 4
Vuln Code: include($cfgPathTpl.”all_html_table1_3.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_tpl_edit.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_tpl.inc.php”);

File: tmp/contenido42VV10/contenidofinal/contenido/main_news_edit.php
Line: 2
Vuln Code: include($cfgPathInc.”fnc_news.inc.php”);

(found with version 0.2 – 3613 projects processed so far)

About these ads
 

 
Follow

Get every new post delivered to your Inbox.

Join 25 other followers