arfis

automated Remote File Inclusion search

RFI (0.3): Webmedia Explorer September 14, 2007

Filed under: RFI — arfis @ 5:10 pm

Project Name: Webmedia Explorer
Project Link: http://sourceforge.net/projects/webmex/
Project DL: http://surfnet.dl.sourceforge.net/sourceforge/webmex/Webmedia_Explorer_3_2_2.zip
RFI Info:
File: tmp/Webmedia_Explorer_3_2_2/wme/includes/core.lib.php
Line: 3
Vuln Code: include ( $path_include.”int.class.php” );

File: tmp/Webmedia_Explorer_3_2_2/wme/includes/rss.class.php
Line: 3
Vuln Code: include ( $path_include.”xdoc.class.php” );

File: tmp/Webmedia_Explorer_3_2_2/wme/templates/main.tpl.php
Line: 14
Vuln Code:

File: tmp/Webmedia_Explorer_3_2_2/wme/templates/folder_messages_link_message_name.tpl.php
Line: 7
Vuln Code: I_am_post () ) include ( $path_template.”folder_messages_link_message_desc.tpl.php” ) ?>

File: tmp/Webmedia_Explorer_3_2_2/wme/templates/sidebar.tpl.php
Line: 7
Vuln Code: include ( $path_templates.”dirs.tpl.php” );

(found with version 0.3 – 4016 projects processed so far)

About these ads
 

 
Follow

Get every new post delivered to your Inbox.